{"id": "CENTOS_RHSA-2012-1088.NASL", "bulletinFamily": "scanner", "title": "CentOS 5 / 6 : firefox (CESA-2012:1088)", "description": "Updated firefox packages that fix multiple security issues are now\navailable for Red Hat Enterprise Linux 5 and 6.\n\nThe Red Hat Security Response Team has rated this update as having\ncritical security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nMozilla Firefox is an open source web browser. XULRunner provides the\nXUL Runtime environment for Mozilla Firefox.\n\nA web page containing malicious content could cause Firefox to crash\nor, potentially, execute arbitrary code with the privileges of the\nuser running Firefox. (CVE-2012-1948, CVE-2012-1951, CVE-2012-1952,\nCVE-2012-1953, CVE-2012-1954, CVE-2012-1958, CVE-2012-1962,\nCVE-2012-1967)\n\nA malicious web page could bypass same-compartment security wrappers\n(SCSW) and execute arbitrary code with chrome privileges.\n(CVE-2012-1959)\n\nA flaw in the context menu functionality in Firefox could allow a\nmalicious website to bypass intended restrictions and allow a\ncross-site scripting attack. (CVE-2012-1966)\n\nA page different to that in the address bar could be displayed when\ndragging and dropping to the address bar, possibly making it easier\nfor a malicious site or user to perform a phishing attack.\n(CVE-2012-1950)\n\nA flaw in the way Firefox called history.forward and history.back\ncould allow an attacker to conceal a malicious URL, possibly tricking\na user into believing they are viewing a trusted site. (CVE-2012-1955)\n\nA flaw in a parser utility class used by Firefox to parse feeds (such\nas RSS) could allow an attacker to execute arbitrary JavaScript with\nthe privileges of the user running Firefox. This issue could have\naffected other browser components or add-ons that assume the class\nreturns sanitized input. (CVE-2012-1957)\n\nA flaw in the way Firefox handled X-Frame-Options headers could allow\na malicious website to perform a clickjacking attack. (CVE-2012-1961)\n\nA flaw in the way Content Security Policy (CSP) reports were generated\nby Firefox could allow a malicious web page to steal a victim's OAuth\n2.0 access tokens and OpenID credentials. (CVE-2012-1963)\n\nA flaw in the way Firefox handled certificate warnings could allow a\nman-in-the-middle attacker to create a crafted warning, possibly\ntricking a user into accepting an arbitrary certificate as trusted.\n(CVE-2012-1964)\n\nA flaw in the way Firefox handled feed:javascript URLs could allow\noutput filtering to be bypassed, possibly leading to a cross-site\nscripting attack. (CVE-2012-1965)\n\nThe nss update RHBA-2012:0337 for Red Hat Enterprise Linux 5 and 6\nintroduced a mitigation for the CVE-2011-3389 flaw. For compatibility\nreasons, it remains disabled by default in the nss packages. This\nupdate makes Firefox enable the mitigation by default. It can be\ndisabled by setting the NSS_SSL_CBC_RANDOM_IV environment variable to\n0 before launching Firefox. (BZ#838879)\n\nFor technical details regarding these flaws, refer to the Mozilla\nsecurity advisories for Firefox 10.0.6 ESR. You can find a link to the\nMozilla advisories in the References section of this erratum.\n\nRed Hat would like to thank the Mozilla project for reporting these\nissues. Upstream acknowledges Benoit Jacob, Jesse Ruderman, Christian\nHoller, Bill McCloskey, Abhishek Arya, Arthur Gerkis, Bill Keese,\nmoz_bug_r_a4, Bobby Holley, Code Audit Labs, Mariusz Mlynski, Mario\nHeiderich, Frederic Buclin, Karthikeyan Bhargavan, Matt McCutchen,\nMario Gomes, and Soroush Dalili as the original reporters of these\nissues.\n\nAll Firefox users should upgrade to these updated packages, which\ncontain Firefox version 10.0.6 ESR, which corrects these issues. After\ninstalling the update, Firefox must be restarted for the changes to\ntake effect.", "published": "2012-07-18T00:00:00", "modified": "2012-07-18T00:00:00", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}, "href": "https://www.tenable.com/plugins/nessus/59998", "reporter": "This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.", "references": ["http://www.nessus.org/u?2ef2d407", "http://www.nessus.org/u?4eb5880c"], "cvelist": ["CVE-2012-1962", "CVE-2012-1950", "CVE-2012-1948", "CVE-2012-1953", "CVE-2012-1966", "CVE-2011-3389", "CVE-2012-1954", "CVE-2012-1967", "CVE-2012-1961", "CVE-2012-1951", "CVE-2012-1952", "CVE-2012-1955", "CVE-2012-1965", "CVE-2012-1959", "CVE-2012-1957", "CVE-2012-1958", "CVE-2012-1964", "CVE-2012-1963"], "type": "nessus", "lastseen": "2021-01-06T09:27:52", "edition": 26, "viewCount": 2, "enchantments": {"dependencies": {"references": [{"type": "openvas", "idList": ["OPENVAS:870792", "OPENVAS:1361412562310870792", "OPENVAS:1361412562310802889", "OPENVAS:1361412562310881187", "OPENVAS:1361412562310123860", "OPENVAS:881187", "OPENVAS:881201", "OPENVAS:802890", "OPENVAS:1361412562310881201", "OPENVAS:1361412562310123861"]}, {"type": "oraclelinux", "idList": ["ELSA-2012-1089", "ELSA-2012-1088"]}, {"type": "nessus", "idList": ["CENTOS_RHSA-2012-1089.NASL", "SL_20120717_THUNDERBIRD_ON_SL5_X.NASL", "MOZILLA_FIREFOX_1006.NASL", "MACOSX_THUNDERBIRD_10_0_6.NASL", "ORACLELINUX_ELSA-2012-1088.NASL", "ORACLELINUX_ELSA-2012-1089.NASL", "REDHAT-RHSA-2012-1089.NASL", "MACOSX_FIREFOX_10_0_6.NASL", "SL_20120717_FIREFOX_ON_SL5_X.NASL", "REDHAT-RHSA-2012-1088.NASL"]}, {"type": "centos", "idList": ["CESA-2012:1088", "CESA-2012:1089"]}, {"type": "redhat", "idList": ["RHSA-2012:1089", "RHSA-2012:1088"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2012:0917-1", "OPENSUSE-SU-2012:0935-1", "OPENSUSE-SU-2012:0924-1", "SUSE-SU-2012:0895-1", "OPENSUSE-SU-2012:0899-1", "SUSE-SU-2012:0896-1"]}, {"type": "ubuntu", "idList": ["USN-1509-1", "USN-1510-1", "USN-1509-2"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:VULN:12483"]}, {"type": "freebsd", "idList": ["DBF338D0-DCE5-11E1-B655-14DAE9EBCF89"]}, {"type": "debian", "idList": ["DEBIAN:DSA-2528-1:8BC3E", "DEBIAN:DSA-2514-1:E25AC"]}, {"type": "mozilla", "idList": ["MFSA2012-44"]}, {"type": "cve", "idList": ["CVE-2012-1965", "CVE-2012-1954", "CVE-2012-1966", "CVE-2012-1962", "CVE-2012-1953", "CVE-2012-1951", "CVE-2012-1963"]}], "modified": "2021-01-06T09:27:52", "rev": 2}, "score": {"value": 9.8, "vector": "NONE", "modified": "2021-01-06T09:27:52", "rev": 2}, "vulnersScore": 9.8}, "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2012:1088 and \n# CentOS Errata and Security Advisory 2012:1088 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(59998);\n script_version(\"1.17\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2012-1948\", \"CVE-2012-1950\", \"CVE-2012-1951\", \"CVE-2012-1952\", \"CVE-2012-1953\", \"CVE-2012-1954\", \"CVE-2012-1955\", \"CVE-2012-1957\", \"CVE-2012-1958\", \"CVE-2012-1959\", \"CVE-2012-1961\", \"CVE-2012-1962\", \"CVE-2012-1963\", \"CVE-2012-1964\", \"CVE-2012-1965\", \"CVE-2012-1966\", \"CVE-2012-1967\");\n script_xref(name:\"RHSA\", value:\"2012:1088\");\n\n script_name(english:\"CentOS 5 / 6 : firefox (CESA-2012:1088)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated firefox packages that fix multiple security issues are now\navailable for Red Hat Enterprise Linux 5 and 6.\n\nThe Red Hat Security Response Team has rated this update as having\ncritical security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nMozilla Firefox is an open source web browser. XULRunner provides the\nXUL Runtime environment for Mozilla Firefox.\n\nA web page containing malicious content could cause Firefox to crash\nor, potentially, execute arbitrary code with the privileges of the\nuser running Firefox. (CVE-2012-1948, CVE-2012-1951, CVE-2012-1952,\nCVE-2012-1953, CVE-2012-1954, CVE-2012-1958, CVE-2012-1962,\nCVE-2012-1967)\n\nA malicious web page could bypass same-compartment security wrappers\n(SCSW) and execute arbitrary code with chrome privileges.\n(CVE-2012-1959)\n\nA flaw in the context menu functionality in Firefox could allow a\nmalicious website to bypass intended restrictions and allow a\ncross-site scripting attack. (CVE-2012-1966)\n\nA page different to that in the address bar could be displayed when\ndragging and dropping to the address bar, possibly making it easier\nfor a malicious site or user to perform a phishing attack.\n(CVE-2012-1950)\n\nA flaw in the way Firefox called history.forward and history.back\ncould allow an attacker to conceal a malicious URL, possibly tricking\na user into believing they are viewing a trusted site. (CVE-2012-1955)\n\nA flaw in a parser utility class used by Firefox to parse feeds (such\nas RSS) could allow an attacker to execute arbitrary JavaScript with\nthe privileges of the user running Firefox. This issue could have\naffected other browser components or add-ons that assume the class\nreturns sanitized input. (CVE-2012-1957)\n\nA flaw in the way Firefox handled X-Frame-Options headers could allow\na malicious website to perform a clickjacking attack. (CVE-2012-1961)\n\nA flaw in the way Content Security Policy (CSP) reports were generated\nby Firefox could allow a malicious web page to steal a victim's OAuth\n2.0 access tokens and OpenID credentials. (CVE-2012-1963)\n\nA flaw in the way Firefox handled certificate warnings could allow a\nman-in-the-middle attacker to create a crafted warning, possibly\ntricking a user into accepting an arbitrary certificate as trusted.\n(CVE-2012-1964)\n\nA flaw in the way Firefox handled feed:javascript URLs could allow\noutput filtering to be bypassed, possibly leading to a cross-site\nscripting attack. (CVE-2012-1965)\n\nThe nss update RHBA-2012:0337 for Red Hat Enterprise Linux 5 and 6\nintroduced a mitigation for the CVE-2011-3389 flaw. For compatibility\nreasons, it remains disabled by default in the nss packages. This\nupdate makes Firefox enable the mitigation by default. It can be\ndisabled by setting the NSS_SSL_CBC_RANDOM_IV environment variable to\n0 before launching Firefox. (BZ#838879)\n\nFor technical details regarding these flaws, refer to the Mozilla\nsecurity advisories for Firefox 10.0.6 ESR. You can find a link to the\nMozilla advisories in the References section of this erratum.\n\nRed Hat would like to thank the Mozilla project for reporting these\nissues. Upstream acknowledges Benoit Jacob, Jesse Ruderman, Christian\nHoller, Bill McCloskey, Abhishek Arya, Arthur Gerkis, Bill Keese,\nmoz_bug_r_a4, Bobby Holley, Code Audit Labs, Mariusz Mlynski, Mario\nHeiderich, Frederic Buclin, Karthikeyan Bhargavan, Matt McCutchen,\nMario Gomes, and Soroush Dalili as the original reporters of these\nissues.\n\nAll Firefox users should upgrade to these updated packages, which\ncontain Firefox version 10.0.6 ESR, which corrects these issues. After\ninstalling the update, Firefox must be restarted for the changes to\ntake effect.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2012-July/018744.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?4eb5880c\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2012-July/018747.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?2ef2d407\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected firefox packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2012-1951\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:firefox\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:xulrunner\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:xulrunner-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/07/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/07/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/07/18\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(5|6)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 5.x / 6.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-5\", reference:\"firefox-10.0.6-1.el5.centos\", allowmaj:TRUE)) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"xulrunner-10.0.6-2.el5_8\", allowmaj:TRUE)) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"xulrunner-devel-10.0.6-2.el5_8\", allowmaj:TRUE)) flag++;\n\nif (rpm_check(release:\"CentOS-6\", reference:\"firefox-10.0.6-1.el6.centos\", allowmaj:TRUE)) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"xulrunner-10.0.6-1.el6.centos\", allowmaj:TRUE)) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"xulrunner-devel-10.0.6-1.el6.centos\", allowmaj:TRUE)) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"firefox / xulrunner / xulrunner-devel\");\n}\n", "naslFamily": "CentOS Local Security Checks", "pluginID": "59998", "cpe": ["cpe:/o:centos:centos:6", "p-cpe:/a:centos:centos:xulrunner-devel", "p-cpe:/a:centos:centos:xulrunner", "p-cpe:/a:centos:centos:firefox", "cpe:/o:centos:centos:5"], "scheme": null}

{"openvas": [{"lastseen": "2019-05-29T18:36:13", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-1962", "CVE-2012-1950", "CVE-2012-1948", "CVE-2012-1953", "CVE-2012-1966", "CVE-2012-1954", "CVE-2012-1967", "CVE-2012-1961", "CVE-2012-1951", "CVE-2012-1952", "CVE-2012-1955", "CVE-2012-1965", "CVE-2012-1959", "CVE-2012-1957", "CVE-2012-1958", "CVE-2012-1964", "CVE-2012-1963"], "description": "Oracle Linux Local Security Checks ELSA-2012-1088", "modified": "2018-09-28T00:00:00", "published": "2015-10-06T00:00:00", "id": "OPENVAS:1361412562310123861", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310123861", "type": "openvas", "title": "Oracle Linux Local Check: ELSA-2012-1088", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2012-1088.nasl 11688 2018-09-28 13:36:28Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.123861\");\n script_version(\"$Revision: 11688 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-06 14:09:32 +0300 (Tue, 06 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2012-1088\");\n script_tag(name:\"insight\", value:\"ELSA-2012-1088 - firefox security update. Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2012-1088\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2012-1088.html\");\n script_cve_id(\"CVE-2012-1948\", \"CVE-2012-1950\", \"CVE-2012-1951\", \"CVE-2012-1952\", \"CVE-2012-1953\", \"CVE-2012-1954\", \"CVE-2012-1955\", \"CVE-2012-1957\", \"CVE-2012-1958\", \"CVE-2012-1959\", \"CVE-2012-1961\", \"CVE-2012-1962\", \"CVE-2012-1963\", \"CVE-2012-1964\", \"CVE-2012-1965\", \"CVE-2012-1966\", \"CVE-2012-1967\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux(5|6)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux5\")\n{\n if ((res = isrpmvuln(pkg:\"firefox\", rpm:\"firefox~10.0.6~1.0.1.el5_8\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"xulrunner\", rpm:\"xulrunner~10.0.6~2.0.1.el5_8\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"xulrunner-devel\", rpm:\"xulrunner-devel~10.0.6~2.0.1.el5_8\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif(release == \"OracleLinux6\")\n{\n if ((res = isrpmvuln(pkg:\"firefox\", rpm:\"firefox~10.0.6~1.0.1.el6_3\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"xulrunner\", rpm:\"xulrunner~10.0.6~1.0.1.el6_3\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"xulrunner-devel\", rpm:\"xulrunner-devel~10.0.6~1.0.1.el6_3\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2018-01-02T10:57:04", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-1962", "CVE-2012-1950", "CVE-2012-1948", "CVE-2012-1953", "CVE-2012-1949", "CVE-2012-1966", "CVE-2011-3389", "CVE-2012-1954", "CVE-2012-1967", "CVE-2012-1961", "CVE-2012-1951", "CVE-2012-1952", "CVE-2012-1955", "CVE-2012-1965", "CVE-2012-1959", "CVE-2012-1957", "CVE-2012-1958", "CVE-2012-1964", "CVE-2012-1963"], "description": "Check for the Version of firefox", "modified": "2018-01-01T00:00:00", "published": "2012-07-30T00:00:00", "id": "OPENVAS:881187", "href": "http://plugins.openvas.org/nasl.php?oid=881187", "type": "openvas", "title": "CentOS Update for firefox CESA-2012:1088 centos5 ", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for firefox CESA-2012:1088 centos5 \n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Mozilla Firefox is an open source web browser. XULRunner provides the XUL\n Runtime environment for Mozilla Firefox.\n\n A web page containing malicious content could cause Firefox to crash or,\n potentially, execute arbitrary code with the privileges of the user running\n Firefox. (CVE-2012-1948, CVE-2012-1951, CVE-2012-1952, CVE-2012-1953,\n CVE-2012-1954, CVE-2012-1958, CVE-2012-1962, CVE-2012-1967)\n \n A malicious web page could bypass same-compartment security wrappers (SCSW)\n and execute arbitrary code with chrome privileges. (CVE-2012-1959)\n \n A flaw in the context menu functionality in Firefox could allow a malicious\n website to bypass intended restrictions and allow a cross-site scripting\n attack. (CVE-2012-1966)\n \n A page different to that in the address bar could be displayed when\n dragging and dropping to the address bar, possibly making it easier for a\n malicious site or user to perform a phishing attack. (CVE-2012-1950)\n \n A flaw in the way Firefox called history.forward and history.back could\n allow an attacker to conceal a malicious URL, possibly tricking a user\n into believing they are viewing a trusted site. (CVE-2012-1955)\n \n A flaw in a parser utility class used by Firefox to parse feeds (such as\n RSS) could allow an attacker to execute arbitrary JavaScript with the\n privileges of the user running Firefox. This issue could have affected\n other browser components or add-ons that assume the class returns\n sanitized input. (CVE-2012-1957)\n \n A flaw in the way Firefox handled X-Frame-Options headers could allow a\n malicious website to perform a clickjacking attack. (CVE-2012-1961)\n \n A flaw in the way Content Security Policy (CSP) reports were generated by\n Firefox could allow a malicious web page to steal a victim's OAuth 2.0\n access tokens and OpenID credentials. (CVE-2012-1963)\n \n A flaw in the way Firefox handled certificate warnings could allow a\n man-in-the-middle attacker to create a crafted warning, possibly tricking\n a user into accepting an arbitrary certificate as trusted. (CVE-2012-1964)\n \n A flaw in the way Firefox handled feed:javascript URLs could allow output\n filtering to be bypassed, possibly leading to a cross-site scripting\n attack. (CVE-2012-1965)\n \n The nss update RHBA-2012:0337 for Red Hat Enterprise Linux 5 and 6\n introduced a mitigation for the CVE-2011-3389 flaw. For compatibility\n reasons, it remains disabled by default in the nss packages. This update\n makes Firefox enable the mitigation by default. It can be disabled by\n setting the NSS_SSL_CBC_RANDOM_IV environment variable to 0 before\n launching Firefox. ( ... \n\n Description truncated, for more information please check the Reference URL\";\n\ntag_affected = \"firefox on CentOS 5\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2012-July/018744.html\");\n script_id(881187);\n script_version(\"$Revision: 8265 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-01 07:29:23 +0100 (Mon, 01 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-07-30 16:37:11 +0530 (Mon, 30 Jul 2012)\");\n script_cve_id(\"CVE-2012-1948\", \"CVE-2012-1950\", \"CVE-2012-1951\", \"CVE-2012-1952\",\n \"CVE-2012-1953\", \"CVE-2012-1954\", \"CVE-2012-1955\", \"CVE-2012-1957\",\n \"CVE-2012-1958\", \"CVE-2012-1959\", \"CVE-2012-1961\", \"CVE-2012-1962\",\n \"CVE-2012-1963\", \"CVE-2012-1964\", \"CVE-2012-1965\", \"CVE-2012-1966\",\n \"CVE-2012-1967\", \"CVE-2011-3389\", \"CVE-2012-1949\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"CESA\", value: \"2012:1088\");\n script_name(\"CentOS Update for firefox CESA-2012:1088 centos5 \");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of firefox\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS5\")\n{\n\n if ((res = isrpmvuln(pkg:\"firefox\", rpm:\"firefox~10.0.6~1.el5.centos\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xulrunner\", rpm:\"xulrunner~10.0.6~2.el5_8\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xulrunner-devel\", rpm:\"xulrunner-devel~10.0.6~2.el5_8\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-01-11T11:06:43", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-1962", "CVE-2012-1950", "CVE-2012-1948", "CVE-2012-1953", "CVE-2012-1949", "CVE-2012-1966", "CVE-2011-3389", "CVE-2012-1954", "CVE-2012-1967", "CVE-2012-1961", "CVE-2012-1951", "CVE-2012-1952", "CVE-2012-1955", "CVE-2012-1965", "CVE-2012-1959", "CVE-2012-1957", "CVE-2012-1958", "CVE-2012-1964", "CVE-2012-1963"], "description": "Check for the Version of firefox", "modified": "2018-01-09T00:00:00", "published": "2012-07-30T00:00:00", "id": "OPENVAS:881201", "href": "http://plugins.openvas.org/nasl.php?oid=881201", "type": "openvas", "title": "CentOS Update for firefox CESA-2012:1088 centos6 ", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for firefox CESA-2012:1088 centos6 \n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Mozilla Firefox is an open source web browser. XULRunner provides the XUL\n Runtime environment for Mozilla Firefox.\n\n A web page containing malicious content could cause Firefox to crash or,\n potentially, execute arbitrary code with the privileges of the user running\n Firefox. (CVE-2012-1948, CVE-2012-1951, CVE-2012-1952, CVE-2012-1953,\n CVE-2012-1954, CVE-2012-1958, CVE-2012-1962, CVE-2012-1967)\n \n A malicious web page could bypass same-compartment security wrappers (SCSW)\n and execute arbitrary code with chrome privileges. (CVE-2012-1959)\n \n A flaw in the context menu functionality in Firefox could allow a malicious\n website to bypass intended restrictions and allow a cross-site scripting\n attack. (CVE-2012-1966)\n \n A page different to that in the address bar could be displayed when\n dragging and dropping to the address bar, possibly making it easier for a\n malicious site or user to perform a phishing attack. (CVE-2012-1950)\n \n A flaw in the way Firefox called history.forward and history.back could\n allow an attacker to conceal a malicious URL, possibly tricking a user\n into believing they are viewing a trusted site. (CVE-2012-1955)\n \n A flaw in a parser utility class used by Firefox to parse feeds (such as\n RSS) could allow an attacker to execute arbitrary JavaScript with the\n privileges of the user running Firefox. This issue could have affected\n other browser components or add-ons that assume the class returns\n sanitized input. (CVE-2012-1957)\n \n A flaw in the way Firefox handled X-Frame-Options headers could allow a\n malicious website to perform a clickjacking attack. (CVE-2012-1961)\n \n A flaw in the way Content Security Policy (CSP) reports were generated by\n Firefox could allow a malicious web page to steal a victim's OAuth 2.0\n access tokens and OpenID credentials. (CVE-2012-1963)\n \n A flaw in the way Firefox handled certificate warnings could allow a\n man-in-the-middle attacker to create a crafted warning, possibly tricking\n a user into accepting an arbitrary certificate as trusted. (CVE-2012-1964)\n \n A flaw in the way Firefox handled feed:javascript URLs could allow output\n filtering to be bypassed, possibly leading to a cross-site scripting\n attack. (CVE-2012-1965)\n \n The nss update RHBA-2012:0337 for Red Hat Enterprise Linux 5 and 6\n introduced a mitigation for the CVE-2011-3389 flaw. For compatibility\n reasons, it remains disabled by default in the nss packages. This update\n makes Firefox enable the mitigation by default. It can be disabled by\n setting the NSS_SSL_CBC_RANDOM_IV environment variable to 0 before\n launching Firefox. ( ... \n\n Description truncated, for more information please check the Reference URL\";\n\ntag_affected = \"firefox on CentOS 6\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2012-July/018747.html\");\n script_id(881201);\n script_version(\"$Revision: 8336 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-09 08:01:48 +0100 (Tue, 09 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-07-30 16:41:42 +0530 (Mon, 30 Jul 2012)\");\n script_cve_id(\"CVE-2012-1948\", \"CVE-2012-1950\", \"CVE-2012-1951\", \"CVE-2012-1952\",\n \"CVE-2012-1953\", \"CVE-2012-1954\", \"CVE-2012-1955\", \"CVE-2012-1957\",\n \"CVE-2012-1958\", \"CVE-2012-1959\", \"CVE-2012-1961\", \"CVE-2012-1962\",\n \"CVE-2012-1963\", \"CVE-2012-1964\", \"CVE-2012-1965\", \"CVE-2012-1966\",\n \"CVE-2012-1967\", \"CVE-2011-3389\", \"CVE-2012-1949\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"CESA\", value: \"2012:1088\");\n script_name(\"CentOS Update for firefox CESA-2012:1088 centos6 \");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of firefox\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS6\")\n{\n\n if ((res = isrpmvuln(pkg:\"firefox\", rpm:\"firefox~10.0.6~1.el6.centos\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xulrunner\", rpm:\"xulrunner~10.0.6~1.el6.centos\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xulrunner-devel\", rpm:\"xulrunner-devel~10.0.6~1.el6.centos\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:39:07", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-1962", "CVE-2012-1950", "CVE-2012-1948", "CVE-2012-1953", "CVE-2012-1949", "CVE-2012-1966", "CVE-2011-3389", "CVE-2012-1954", "CVE-2012-1967", "CVE-2012-1961", "CVE-2012-1951", "CVE-2012-1952", "CVE-2012-1955", "CVE-2012-1965", "CVE-2012-1959", "CVE-2012-1957", "CVE-2012-1958", "CVE-2012-1964", "CVE-2012-1963"], "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2012-07-30T00:00:00", "id": "OPENVAS:1361412562310881187", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310881187", "type": "openvas", "title": "CentOS Update for firefox CESA-2012:1088 centos5", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for firefox CESA-2012:1088 centos5\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2012-July/018744.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.881187\");\n script_version(\"$Revision: 14222 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 13:50:48 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-07-30 16:37:11 +0530 (Mon, 30 Jul 2012)\");\n script_cve_id(\"CVE-2012-1948\", \"CVE-2012-1950\", \"CVE-2012-1951\", \"CVE-2012-1952\",\n \"CVE-2012-1953\", \"CVE-2012-1954\", \"CVE-2012-1955\", \"CVE-2012-1957\",\n \"CVE-2012-1958\", \"CVE-2012-1959\", \"CVE-2012-1961\", \"CVE-2012-1962\",\n \"CVE-2012-1963\", \"CVE-2012-1964\", \"CVE-2012-1965\", \"CVE-2012-1966\",\n \"CVE-2012-1967\", \"CVE-2011-3389\", \"CVE-2012-1949\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name:\"CESA\", value:\"2012:1088\");\n script_name(\"CentOS Update for firefox CESA-2012:1088 centos5\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'firefox'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS5\");\n script_tag(name:\"affected\", value:\"firefox on CentOS 5\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_tag(name:\"insight\", value:\"Mozilla Firefox is an open source web browser. XULRunner provides the XUL\n Runtime environment for Mozilla Firefox.\n\n A web page containing malicious content could cause Firefox to crash or,\n potentially, execute arbitrary code with the privileges of the user running\n Firefox. (CVE-2012-1948, CVE-2012-1951, CVE-2012-1952, CVE-2012-1953,\n CVE-2012-1954, CVE-2012-1958, CVE-2012-1962, CVE-2012-1967)\n\n A malicious web page could bypass same-compartment security wrappers (SCSW)\n and execute arbitrary code with chrome privileges. (CVE-2012-1959)\n\n A flaw in the context menu functionality in Firefox could allow a malicious\n website to bypass intended restrictions and allow a cross-site scripting\n attack. (CVE-2012-1966)\n\n A page different to that in the address bar could be displayed when\n dragging and dropping to the address bar, possibly making it easier for a\n malicious site or user to perform a phishing attack. (CVE-2012-1950)\n\n A flaw in the way Firefox called history.forward and history.back could\n allow an attacker to conceal a malicious URL, possibly tricking a user\n into believing they are viewing a trusted site. (CVE-2012-1955)\n\n A flaw in a parser utility class used by Firefox to parse feeds (such as\n RSS) could allow an attacker to execute arbitrary JavaScript with the\n privileges of the user running Firefox. This issue could have affected\n other browser components or add-ons that assume the class returns\n sanitized input. (CVE-2012-1957)\n\n A flaw in the way Firefox handled X-Frame-Options headers could allow a\n malicious website to perform a clickjacking attack. (CVE-2012-1961)\n\n A flaw in the way Content Security Policy (CSP) reports were generated by\n Firefox could allow a malicious web page to steal a victim's OAuth 2.0\n access tokens and OpenID credentials. (CVE-2012-1963)\n\n A flaw in the way Firefox handled certificate warnings could allow a\n man-in-the-middle attacker to create a crafted warning, possibly tricking\n a user into accepting an arbitrary certificate as trusted. (CVE-2012-1964)\n\n A flaw in the way Firefox handled feed:javascript URLs could allow output\n filtering to be bypassed, possibly leading to a cross-site scripting\n attack. (CVE-2012-1965)\n\n The nss update RHBA-2012:0337 for Red Hat Enterprise Linux 5 and 6\n introduced a mitigation for the CVE-2011-3389 flaw. For compatibility\n reasons, it remains disabled by default in the nss packages. This update\n makes Firefox enable the mitigation by default. It can be disabled by\n setting the NSS_SSL_CBC_RANDOM_IV environment variable to 0 before\n launching Firefox. ( ...\n\n Description truncated, please see the referenced URL(s) for more information.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS5\")\n{\n\n if ((res = isrpmvuln(pkg:\"firefox\", rpm:\"firefox~10.0.6~1.el5.centos\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xulrunner\", rpm:\"xulrunner~10.0.6~2.el5_8\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xulrunner-devel\", rpm:\"xulrunner-devel~10.0.6~2.el5_8\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:38:51", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-1962", "CVE-2012-1950", "CVE-2012-1948", "CVE-2012-1953", "CVE-2012-1949", "CVE-2012-1966", "CVE-2011-3389", "CVE-2012-1954", "CVE-2012-1967", "CVE-2012-1961", "CVE-2012-1951", "CVE-2012-1952", "CVE-2012-1955", "CVE-2012-1965", "CVE-2012-1959", "CVE-2012-1957", "CVE-2012-1958", "CVE-2012-1964", "CVE-2012-1963"], "description": "The remote host is missing an update for the ", "modified": "2018-11-23T00:00:00", "published": "2012-07-19T00:00:00", "id": "OPENVAS:1361412562310870792", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310870792", "type": "openvas", "title": "RedHat Update for firefox RHSA-2012:1088-01", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for firefox RHSA-2012:1088-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"https://www.redhat.com/archives/rhsa-announce/2012-July/msg00015.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.870792\");\n script_version(\"$Revision: 12497 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-23 09:28:21 +0100 (Fri, 23 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-07-19 10:28:50 +0530 (Thu, 19 Jul 2012)\");\n script_cve_id(\"CVE-2012-1948\", \"CVE-2012-1950\", \"CVE-2012-1951\", \"CVE-2012-1952\",\n \"CVE-2012-1953\", \"CVE-2012-1954\", \"CVE-2012-1955\", \"CVE-2012-1957\",\n \"CVE-2012-1958\", \"CVE-2012-1959\", \"CVE-2012-1961\", \"CVE-2012-1962\",\n \"CVE-2012-1963\", \"CVE-2012-1964\", \"CVE-2012-1965\", \"CVE-2012-1966\",\n \"CVE-2012-1967\", \"CVE-2011-3389\", \"CVE-2012-1949\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name:\"RHSA\", value:\"2012:1088-01\");\n script_name(\"RedHat Update for firefox RHSA-2012:1088-01\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'firefox'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\", re:\"ssh/login/release=RHENT_(6|5)\");\n script_tag(name:\"affected\", value:\"firefox on Red Hat Enterprise Linux (v. 5 server),\n Red Hat Enterprise Linux Desktop (v. 6),\n Red Hat Enterprise Linux Server (v. 6),\n Red Hat Enterprise Linux Workstation (v. 6)\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"insight\", value:\"Mozilla Firefox is an open source web browser. XULRunner provides the XUL\n Runtime environment for Mozilla Firefox.\n\n A web page containing malicious content could cause Firefox to crash or,\n potentially, execute arbitrary code with the privileges of the user running\n Firefox. (CVE-2012-1948, CVE-2012-1951, CVE-2012-1952, CVE-2012-1953,\n CVE-2012-1954, CVE-2012-1958, CVE-2012-1962, CVE-2012-1967)\n\n A malicious web page could bypass same-compartment security wrappers (SCSW)\n and execute arbitrary code with chrome privileges. (CVE-2012-1959)\n\n A flaw in the context menu functionality in Firefox could allow a malicious\n website to bypass intended restrictions and allow a cross-site scripting\n attack. (CVE-2012-1966)\n\n A page different to that in the address bar could be displayed when\n dragging and dropping to the address bar, possibly making it easier for a\n malicious site or user to perform a phishing attack. (CVE-2012-1950)\n\n A flaw in the way Firefox called history.forward and history.back could\n allow an attacker to conceal a malicious URL, possibly tricking a user\n into believing they are viewing a trusted site. (CVE-2012-1955)\n\n A flaw in a parser utility class used by Firefox to parse feeds (such as\n RSS) could allow an attacker to execute arbitrary JavaScript with the\n privileges of the user running Firefox. This issue could have affected\n other browser components or add-ons that assume the class returns\n sanitized input. (CVE-2012-1957)\n\n A flaw in the way Firefox handled X-Frame-Options headers could allow a\n malicious website to perform a clickjacking attack. (CVE-2012-1961)\n\n A flaw in the way Content Security Policy (CSP) reports were generated by\n Firefox could allow a malicious web page to steal a victim's OAuth 2.0\n access tokens and OpenID credentials. (CVE-2012-1963)\n\n A flaw in the way Firefox handled certificate warnings could allow a\n man-in-the-middle attacker to create a crafted warning, possibly tricking\n a user into accepting an arbitrary certificate as trusted. (CVE-2012-1964)\n\n A flaw in the way Firefox handled feed:javascript URLs could allow output\n filtering to be bypassed, possibly leading to a cross-site scripting\n attack. (CVE-2012-1965)\n\n The nss update RHBA-2012:0337 for Red Hat Enterprise Linux 5 and 6\n introduced a mitigation for the CVE-2011-3389 flaw. For compatibility\n reasons, it remains disabled by default in the nss packages. This update\n ...\n\n Description truncated, please see the referenced URL(s) for more information.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"RHENT_6\")\n{\n\n if ((res = isrpmvuln(pkg:\"firefox\", rpm:\"firefox~10.0.6~1.el6_3\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-debuginfo\", rpm:\"firefox-debuginfo~10.0.6~1.el6_3\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xulrunner\", rpm:\"xulrunner~10.0.6~1.el6_3\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xulrunner-debuginfo\", rpm:\"xulrunner-debuginfo~10.0.6~1.el6_3\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"RHENT_5\")\n{\n\n if ((res = isrpmvuln(pkg:\"firefox\", rpm:\"firefox~10.0.6~1.el5_8\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-debuginfo\", rpm:\"firefox-debuginfo~10.0.6~1.el5_8\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xulrunner\", rpm:\"xulrunner~10.0.6~2.el5_8\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xulrunner-debuginfo\", rpm:\"xulrunner-debuginfo~10.0.6~2.el5_8\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xulrunner-devel\", rpm:\"xulrunner-devel~10.0.6~2.el5_8\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:38:37", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-1962", "CVE-2012-1950", "CVE-2012-1948", "CVE-2012-1953", "CVE-2012-1949", "CVE-2012-1966", "CVE-2011-3389", "CVE-2012-1954", "CVE-2012-1967", "CVE-2012-1961", "CVE-2012-1951", "CVE-2012-1952", "CVE-2012-1955", "CVE-2012-1965", "CVE-2012-1959", "CVE-2012-1957", "CVE-2012-1958", "CVE-2012-1964", "CVE-2012-1963"], "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2012-07-30T00:00:00", "id": "OPENVAS:1361412562310881201", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310881201", "type": "openvas", "title": "CentOS Update for firefox CESA-2012:1088 centos6", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for firefox CESA-2012:1088 centos6\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2012-July/018747.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.881201\");\n script_version(\"$Revision: 14222 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 13:50:48 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-07-30 16:41:42 +0530 (Mon, 30 Jul 2012)\");\n script_cve_id(\"CVE-2012-1948\", \"CVE-2012-1950\", \"CVE-2012-1951\", \"CVE-2012-1952\",\n \"CVE-2012-1953\", \"CVE-2012-1954\", \"CVE-2012-1955\", \"CVE-2012-1957\",\n \"CVE-2012-1958\", \"CVE-2012-1959\", \"CVE-2012-1961\", \"CVE-2012-1962\",\n \"CVE-2012-1963\", \"CVE-2012-1964\", \"CVE-2012-1965\", \"CVE-2012-1966\",\n \"CVE-2012-1967\", \"CVE-2011-3389\", \"CVE-2012-1949\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name:\"CESA\", value:\"2012:1088\");\n script_name(\"CentOS Update for firefox CESA-2012:1088 centos6\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'firefox'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS6\");\n script_tag(name:\"affected\", value:\"firefox on CentOS 6\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_tag(name:\"insight\", value:\"Mozilla Firefox is an open source web browser. XULRunner provides the XUL\n Runtime environment for Mozilla Firefox.\n\n A web page containing malicious content could cause Firefox to crash or,\n potentially, execute arbitrary code with the privileges of the user running\n Firefox. (CVE-2012-1948, CVE-2012-1951, CVE-2012-1952, CVE-2012-1953,\n CVE-2012-1954, CVE-2012-1958, CVE-2012-1962, CVE-2012-1967)\n\n A malicious web page could bypass same-compartment security wrappers (SCSW)\n and execute arbitrary code with chrome privileges. (CVE-2012-1959)\n\n A flaw in the context menu functionality in Firefox could allow a malicious\n website to bypass intended restrictions and allow a cross-site scripting\n attack. (CVE-2012-1966)\n\n A page different to that in the address bar could be displayed when\n dragging and dropping to the address bar, possibly making it easier for a\n malicious site or user to perform a phishing attack. (CVE-2012-1950)\n\n A flaw in the way Firefox called history.forward and history.back could\n allow an attacker to conceal a malicious URL, possibly tricking a user\n into believing they are viewing a trusted site. (CVE-2012-1955)\n\n A flaw in a parser utility class used by Firefox to parse feeds (such as\n RSS) could allow an attacker to execute arbitrary JavaScript with the\n privileges of the user running Firefox. This issue could have affected\n other browser components or add-ons that assume the class returns\n sanitized input. (CVE-2012-1957)\n\n A flaw in the way Firefox handled X-Frame-Options headers could allow a\n malicious website to perform a clickjacking attack. (CVE-2012-1961)\n\n A flaw in the way Content Security Policy (CSP) reports were generated by\n Firefox could allow a malicious web page to steal a victim's OAuth 2.0\n access tokens and OpenID credentials. (CVE-2012-1963)\n\n A flaw in the way Firefox handled certificate warnings could allow a\n man-in-the-middle attacker to create a crafted warning, possibly tricking\n a user into accepting an arbitrary certificate as trusted. (CVE-2012-1964)\n\n A flaw in the way Firefox handled feed:javascript URLs could allow output\n filtering to be bypassed, possibly leading to a cross-site scripting\n attack. (CVE-2012-1965)\n\n The nss update RHBA-2012:0337 for Red Hat Enterprise Linux 5 and 6\n introduced a mitigation for the CVE-2011-3389 flaw. For compatibility\n reasons, it remains disabled by default in the nss packages. This update\n makes Firefox enable the mitigation by default. It can be disabled by\n setting the NSS_SSL_CBC_RANDOM_IV environment variable to 0 before\n launching Firefox. ( ...\n\n Description truncated, please see the referenced URL(s) for more information.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS6\")\n{\n\n if ((res = isrpmvuln(pkg:\"firefox\", rpm:\"firefox~10.0.6~1.el6.centos\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xulrunner\", rpm:\"xulrunner~10.0.6~1.el6.centos\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xulrunner-devel\", rpm:\"xulrunner-devel~10.0.6~1.el6.centos\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2018-01-06T13:07:41", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-1962", "CVE-2012-1950", "CVE-2012-1948", "CVE-2012-1953", "CVE-2012-1949", "CVE-2012-1966", "CVE-2011-3389", "CVE-2012-1954", "CVE-2012-1967", "CVE-2012-1961", "CVE-2012-1951", "CVE-2012-1952", "CVE-2012-1955", "CVE-2012-1965", "CVE-2012-1959", "CVE-2012-1957", "CVE-2012-1958", "CVE-2012-1964", "CVE-2012-1963"], "description": "Check for the Version of firefox", "modified": "2018-01-04T00:00:00", "published": "2012-07-19T00:00:00", "id": "OPENVAS:870792", "href": "http://plugins.openvas.org/nasl.php?oid=870792", "type": "openvas", "title": "RedHat Update for firefox RHSA-2012:1088-01", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for firefox RHSA-2012:1088-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Mozilla Firefox is an open source web browser. XULRunner provides the XUL\n Runtime environment for Mozilla Firefox.\n\n A web page containing malicious content could cause Firefox to crash or,\n potentially, execute arbitrary code with the privileges of the user running\n Firefox. (CVE-2012-1948, CVE-2012-1951, CVE-2012-1952, CVE-2012-1953,\n CVE-2012-1954, CVE-2012-1958, CVE-2012-1962, CVE-2012-1967)\n\n A malicious web page could bypass same-compartment security wrappers (SCSW)\n and execute arbitrary code with chrome privileges. (CVE-2012-1959)\n\n A flaw in the context menu functionality in Firefox could allow a malicious\n website to bypass intended restrictions and allow a cross-site scripting\n attack. (CVE-2012-1966)\n\n A page different to that in the address bar could be displayed when\n dragging and dropping to the address bar, possibly making it easier for a\n malicious site or user to perform a phishing attack. (CVE-2012-1950)\n\n A flaw in the way Firefox called history.forward and history.back could\n allow an attacker to conceal a malicious URL, possibly tricking a user\n into believing they are viewing a trusted site. (CVE-2012-1955)\n\n A flaw in a parser utility class used by Firefox to parse feeds (such as\n RSS) could allow an attacker to execute arbitrary JavaScript with the\n privileges of the user running Firefox. This issue could have affected\n other browser components or add-ons that assume the class returns\n sanitized input. (CVE-2012-1957)\n\n A flaw in the way Firefox handled X-Frame-Options headers could allow a\n malicious website to perform a clickjacking attack. (CVE-2012-1961)\n\n A flaw in the way Content Security Policy (CSP) reports were generated by\n Firefox could allow a malicious web page to steal a victim's OAuth 2.0\n access tokens and OpenID credentials. (CVE-2012-1963)\n\n A flaw in the way Firefox handled certificate warnings could allow a\n man-in-the-middle attacker to create a crafted warning, possibly tricking\n a user into accepting an arbitrary certificate as trusted. (CVE-2012-1964)\n\n A flaw in the way Firefox handled feed:javascript URLs could allow output\n filtering to be bypassed, possibly leading to a cross-site scripting\n attack. (CVE-2012-1965)\n\n The nss update RHBA-2012:0337 for Red Hat Enterprise Linux 5 and 6\n introduced a mitigation for the CVE-2011-3389 flaw. For compatibility\n reasons, it remains disabled by default in the nss packages. This update\n ... \n\n Description truncated, for more information please check the Reference URL\";\n\ntag_affected = \"firefox on Red Hat Enterprise Linux (v. 5 server),\n Red Hat Enterprise Linux Desktop (v. 6),\n Red Hat Enterprise Linux Server (v. 6),\n Red Hat Enterprise Linux Workstation (v. 6)\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/rhsa-announce/2012-July/msg00015.html\");\n script_id(870792);\n script_version(\"$Revision: 8285 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-04 07:29:16 +0100 (Thu, 04 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-07-19 10:28:50 +0530 (Thu, 19 Jul 2012)\");\n script_cve_id(\"CVE-2012-1948\", \"CVE-2012-1950\", \"CVE-2012-1951\", \"CVE-2012-1952\",\n \"CVE-2012-1953\", \"CVE-2012-1954\", \"CVE-2012-1955\", \"CVE-2012-1957\",\n \"CVE-2012-1958\", \"CVE-2012-1959\", \"CVE-2012-1961\", \"CVE-2012-1962\",\n \"CVE-2012-1963\", \"CVE-2012-1964\", \"CVE-2012-1965\", \"CVE-2012-1966\",\n \"CVE-2012-1967\", \"CVE-2011-3389\", \"CVE-2012-1949\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"RHSA\", value: \"2012:1088-01\");\n script_name(\"RedHat Update for firefox RHSA-2012:1088-01\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of firefox\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"RHENT_6\")\n{\n\n if ((res = isrpmvuln(pkg:\"firefox\", rpm:\"firefox~10.0.6~1.el6_3\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-debuginfo\", rpm:\"firefox-debuginfo~10.0.6~1.el6_3\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xulrunner\", rpm:\"xulrunner~10.0.6~1.el6_3\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xulrunner-debuginfo\", rpm:\"xulrunner-debuginfo~10.0.6~1.el6_3\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"RHENT_5\")\n{\n\n if ((res = isrpmvuln(pkg:\"firefox\", rpm:\"firefox~10.0.6~1.el5_8\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-debuginfo\", rpm:\"firefox-debuginfo~10.0.6~1.el5_8\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xulrunner\", rpm:\"xulrunner~10.0.6~2.el5_8\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xulrunner-debuginfo\", rpm:\"xulrunner-debuginfo~10.0.6~2.el5_8\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xulrunner-devel\", rpm:\"xulrunner-devel~10.0.6~2.el5_8\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:36:46", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-1962", "CVE-2012-1948", "CVE-2012-1953", "CVE-2012-1954", "CVE-2012-1967", "CVE-2012-1961", "CVE-2012-1951", "CVE-2012-1952", "CVE-2012-1955", "CVE-2012-1959", "CVE-2012-1957", "CVE-2012-1958", "CVE-2012-1964", "CVE-2012-1963"], "description": "Oracle Linux Local Security Checks ELSA-2012-1089", "modified": "2018-09-28T00:00:00", "published": "2015-10-06T00:00:00", "id": "OPENVAS:1361412562310123860", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310123860", "type": "openvas", "title": "Oracle Linux Local Check: ELSA-2012-1089", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2012-1089.nasl 11688 2018-09-28 13:36:28Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.123860\");\n script_version(\"$Revision: 11688 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-06 14:09:31 +0300 (Tue, 06 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2012-1089\");\n script_tag(name:\"insight\", value:\"ELSA-2012-1089 - thunderbird security update. Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2012-1089\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2012-1089.html\");\n script_cve_id(\"CVE-2012-1948\", \"CVE-2012-1951\", \"CVE-2012-1952\", \"CVE-2012-1953\", \"CVE-2012-1954\", \"CVE-2012-1955\", \"CVE-2012-1957\", \"CVE-2012-1958\", \"CVE-2012-1959\", \"CVE-2012-1961\", \"CVE-2012-1962\", \"CVE-2012-1963\", \"CVE-2012-1964\", \"CVE-2012-1967\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux6\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux6\")\n{\n if ((res = isrpmvuln(pkg:\"thunderbird\", rpm:\"thunderbird~10.0.6~1.0.1.el6_3\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-07-19T22:15:49", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-1962", "CVE-2012-1948", "CVE-2012-1953", "CVE-2012-1954", "CVE-2012-1967", "CVE-2012-1961", "CVE-2012-1951", "CVE-2012-1952", "CVE-2012-1955", "CVE-2012-1959", "CVE-2012-1957", "CVE-2012-1958", "CVE-2012-1963"], "description": "This host is installed with Mozilla firefox/thunderbird/seamonkey and is\n prone to multiple vulnerabilities.", "modified": "2019-07-17T00:00:00", "published": "2012-07-23T00:00:00", "id": "OPENVAS:1361412562310802889", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310802889", "type": "openvas", "title": "Mozilla Products Multiple Vulnerabilities - July12 (Windows)", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mozilla Products Multiple Vulnerabilities - July12 (Windows)\n#\n# Authors:\n# Rachana Shetty <srachana@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.802889\");\n script_version(\"2019-07-17T11:14:11+0000\");\n script_cve_id(\"CVE-2012-1948\", \"CVE-2012-1951\", \"CVE-2012-1952\", \"CVE-2012-1953\",\n \"CVE-2012-1954\", \"CVE-2012-1955\", \"CVE-2012-1957\", \"CVE-2012-1958\",\n \"CVE-2012-1959\", \"CVE-2012-1961\", \"CVE-2012-1962\", \"CVE-2012-1963\",\n \"CVE-2012-1967\");\n script_bugtraq_id(54580, 54578, 54586, 54583, 54574, 54576, 54584,\n 54575, 54582, 54573);\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2019-07-17 11:14:11 +0000 (Wed, 17 Jul 2019)\");\n script_tag(name:\"creation_date\", value:\"2012-07-23 17:31:44 +0530 (Mon, 23 Jul 2012)\");\n script_name(\"Mozilla Products Multiple Vulnerabilities - July12 (Windows)\");\n\n script_xref(name:\"URL\", value:\"http://secunia.com/advisories/49965\");\n script_xref(name:\"URL\", value:\"http://securitytracker.com/id/1027256\");\n script_xref(name:\"URL\", value:\"http://securitytracker.com/id/1027257\");\n script_xref(name:\"URL\", value:\"http://www.mozilla.org/security/announce/2012/mfsa2012-42.html\");\n script_xref(name:\"URL\", value:\"http://www.mozilla.org/security/announce/2012/mfsa2012-44.html\");\n script_xref(name:\"URL\", value:\"http://www.mozilla.org/security/announce/2012/mfsa2012-45.html\");\n script_xref(name:\"URL\", value:\"http://www.mozilla.org/security/announce/2012/mfsa2012-47.html\");\n script_xref(name:\"URL\", value:\"http://www.mozilla.org/security/announce/2012/mfsa2012-48.html\");\n script_xref(name:\"URL\", value:\"http://www.mozilla.org/security/announce/2012/mfsa2012-49.html\");\n script_xref(name:\"URL\", value:\"http://www.mozilla.org/security/announce/2012/mfsa2012-51.html\");\n script_xref(name:\"URL\", value:\"http://www.mozilla.org/security/announce/2012/mfsa2012-53.html\");\n script_xref(name:\"URL\", value:\"http://www.mozilla.org/security/announce/2012/mfsa2012-56.html\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2012 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"gb_firefox_detect_portable_win.nasl\", \"gb_seamonkey_detect_win.nasl\",\n \"gb_thunderbird_detect_portable_win.nasl\");\n script_mandatory_keys(\"Mozilla/Firefox_or_Seamonkey_or_Thunderbird/Installed\");\n script_tag(name:\"impact\", value:\"Successful exploitation could allow attackers to inject scripts, bypass\n certain security restrictions, execute arbitrary code in the context of the\n browser or cause a denial of service.\");\n script_tag(name:\"affected\", value:\"SeaMonkey version before 2.11\n\n Thunderbird version 5.0 through 13.0\n\n Mozilla Firefox version 4.x through 13.0\n\n Thunderbird ESR version 10.x before 10.0.6\n\n Mozilla Firefox ESR version 10.x before 10.0.6 on Windows\");\n script_tag(name:\"insight\", value:\"- Use-after-free error exists within the functions\n 'nsGlobalWindow::PageHidden()', 'nsSMILTimeValueSpec::IsEventBased',\n 'nsDocument::AdoptNode' and 'JSDependentString::undepend'.\n\n - Multiple unspecified errors within the browser engine can be exploited to\n corrupt memory.\n\n - An error within the feed-view functionality.\n\n - An out-of-bounds read error within the\n 'ElementAnimations::EnsureStyleRuleFor()'.\n\n - A bad cast error within the 'nsTableFrame::InsertFrames()', can be\n exploited to corrupt memory.\");\n script_tag(name:\"summary\", value:\"This host is installed with Mozilla firefox/thunderbird/seamonkey and is\n prone to multiple vulnerabilities.\");\n script_tag(name:\"solution\", value:\"Upgrade to Mozilla Firefox version 14.0 or ESR version 10.0.6 or later, upgrade to SeaMonkey version to 2.11 or later,\n upgrade to Thunderbird version to 14.0 or ESR 10.0.6 or later.\");\n\n script_tag(name:\"qod_type\", value:\"registry\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_xref(name:\"URL\", value:\"http://www.mozilla.org/projects/seamonkey/\");\n script_xref(name:\"URL\", value:\"http://www.mozilla.org/en-US/thunderbird/\");\n exit(0);\n}\n\ninclude(\"version_func.inc\");\n\nffVer = get_kb_item(\"Firefox/Win/Ver\");\nif(ffVer)\n{\n if(version_in_range(version:ffVer, test_version:\"4.0\", test_version2:\"10.0.5\")||\n version_in_range(version:ffVer, test_version:\"11.0\", test_version2:\"13.0\"))\n {\n security_message( port: 0, data: \"The target host was found to be vulnerable\" );\n exit(0);\n }\n}\n\nseaVer = get_kb_item(\"Seamonkey/Win/Ver\");\nif(seaVer)\n{\n if(version_is_less(version:seaVer, test_version:\"2.11\"))\n {\n security_message( port: 0, data: \"The target host was found to be vulnerable\" );\n exit(0);\n }\n}\n\ntbVer = get_kb_item(\"Thunderbird/Win/Ver\");\nif(tbVer)\n{\n if(version_in_range(version:tbVer, test_version:\"5.0\", test_version2:\"10.0.5\")||\n version_in_range(version:tbVer, test_version:\"11.0\", test_version2:\"13.0\"))\n {\n security_message( port: 0, data: \"The target host was found to be vulnerable\" );\n exit(0);\n }\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2017-07-12T10:51:46", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-1962", "CVE-2012-1948", "CVE-2012-1953", "CVE-2012-1954", "CVE-2012-1967", "CVE-2012-1961", "CVE-2012-1951", "CVE-2012-1952", "CVE-2012-1955", "CVE-2012-1959", "CVE-2012-1957", "CVE-2012-1958", "CVE-2012-1963"], "description": "This host is installed with Mozilla firefox/thunderbird/seamonkey and is\n prone to multiple vulnerabilities.", "modified": "2017-06-27T00:00:00", "published": "2012-07-23T00:00:00", "id": "OPENVAS:802890", "href": "http://plugins.openvas.org/nasl.php?oid=802890", "type": "openvas", "title": "Mozilla Products Multiple Vulnerabilities - July12 (Mac OS X)", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_mozilla_prdts_mult_vuln_jul12_macosx.nasl 6445 2017-06-27 12:31:06Z santu $\n#\n# Mozilla Products Multiple Vulnerabilities - July12 (Mac OS X)\n#\n# Authors:\n# Rachana Shetty <srachana@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_solution = \"Upgrade to Mozilla Firefox version 14.0 or ESR version 10.0.6 or later,\n For updates refer to http://www.mozilla.com/en-US/firefox/all.html\n\n Upgrade to SeaMonkey version to 2.11 or later,\n http://www.mozilla.org/projects/seamonkey/\n\n Upgrade to Thunderbird version to 14.0 or ESR 10.0.6 or later,\n http://www.mozilla.org/en-US/thunderbird/\";\n\ntag_impact = \"Successful exploitation could allow attackers to inject scripts, bypass\n certain security restrictions, execute arbitrary code in the context of the\n browser or cause a denial of service.\n Impact Level: System/Application\";\ntag_affected = \"SeaMonkey version before 2.11\n Thunderbird version 5.0 through 13.0\n Mozilla Firefox version 4.x through 13.0\n Thunderbird ESR version 10.x before 10.0.6\n Mozilla Firefox ESR version 10.x before 10.0.6 on Mac OS X\";\ntag_insight = \"- Use-after-free error exists within the functions\n 'nsGlobalWindow::PageHidden()', 'nsSMILTimeValueSpec::IsEventBased',\n 'nsDocument::AdoptNode' and 'JSDependentString::undepend'.\n - Multiple unspecified errors within the browser engine can be exploited to\n corrupt memory.\n - An error within the feed-view functionality.\n - An out-of-bounds read error within the\n 'ElementAnimations::EnsureStyleRuleFor()'.\n - A bad cast error within the 'nsTableFrame::InsertFrames()', can be\n exploited to corrupt memory\";\ntag_summary = \"This host is installed with Mozilla firefox/thunderbird/seamonkey and is\n prone to multiple vulnerabilities.\";\n\nif(description)\n{\n script_id(802890);\n script_version(\"$Revision: 6445 $\");\n script_cve_id(\"CVE-2012-1948\", \"CVE-2012-1951\", \"CVE-2012-1952\", \"CVE-2012-1953\",\n \"CVE-2012-1954\", \"CVE-2012-1955\", \"CVE-2012-1957\", \"CVE-2012-1958\",\n \"CVE-2012-1959\", \"CVE-2012-1961\", \"CVE-2012-1962\", \"CVE-2012-1963\",\n \"CVE-2012-1967\");\n script_bugtraq_id(54580, 54578, 54586, 54583, 54574, 54576, 54584,\n 54575, 54582, 54573);\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-06-27 14:31:06 +0200 (Tue, 27 Jun 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-07-23 17:31:44 +0530 (Mon, 23 Jul 2012)\");\n script_name(\"Mozilla Products Multiple Vulnerabilities - July12 (Mac OS X)\");\n\n script_xref(name : \"URL\" , value : \"http://secunia.com/advisories/49965\");\n script_xref(name : \"URL\" , value : \"http://securitytracker.com/id/1027256\");\n script_xref(name : \"URL\" , value : \"http://securitytracker.com/id/1027257\");\n script_xref(name : \"URL\" , value : \"http://www.mozilla.org/security/announce/2012/mfsa2012-42.html\");\n script_xref(name : \"URL\" , value : \"http://www.mozilla.org/security/announce/2012/mfsa2012-44.html\");\n script_xref(name : \"URL\" , value : \"http://www.mozilla.org/security/announce/2012/mfsa2012-45.html\");\n script_xref(name : \"URL\" , value : \"http://www.mozilla.org/security/announce/2012/mfsa2012-47.html\");\n script_xref(name : \"URL\" , value : \"http://www.mozilla.org/security/announce/2012/mfsa2012-48.html\");\n script_xref(name : \"URL\" , value : \"http://www.mozilla.org/security/announce/2012/mfsa2012-49.html\");\n script_xref(name : \"URL\" , value : \"http://www.mozilla.org/security/announce/2012/mfsa2012-51.html\");\n script_xref(name : \"URL\" , value : \"http://www.mozilla.org/security/announce/2012/mfsa2012-53.html\");\n script_xref(name : \"URL\" , value : \"http://www.mozilla.org/security/announce/2012/mfsa2012-56.html\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2012 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"gb_mozilla_prdts_detect_macosx.nasl\");\n script_mandatory_keys(\"Mozilla/Firefox_or_Seamonkey_or_Thunderbird/Mac/Installed\");\n script_tag(name : \"impact\" , value : tag_impact);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"version_func.inc\");\n\n# Firefox Check\nffVer = \"\";\nffVer = get_kb_item(\"Mozilla/Firefox/MacOSX/Version\");\n\nif(ffVer)\n{\n # Grep for Firefox version\n if(version_in_range(version:ffVer, test_version:\"4.0\", test_version2:\"10.0.5\")||\n version_in_range(version:ffVer, test_version:\"11.0\", test_version2:\"13.0\"))\n {\n security_message(0);\n exit(0);\n }\n}\n\n# SeaMonkey Check\nseaVer = \"\";\nseaVer = get_kb_item(\"SeaMonkey/MacOSX/Version\");\n\nif(seaVer)\n{\n # Grep for SeaMonkey version\n if(version_is_less(version:seaVer, test_version:\"2.11\"))\n {\n security_message(0);\n exit(0);\n }\n}\n\n# Thunderbird Check\ntbVer = \"\";\ntbVer = get_kb_item(\"ThunderBird/MacOSX/Version\");\n\nif(tbVer)\n{\n # Grep for Thunderbird version\n if(version_in_range(version:tbVer, test_version:\"5.0\", test_version2:\"10.0.5\")||\n version_in_range(version:tbVer, test_version:\"11.0\", test_version2:\"13.0\"))\n {\n security_message(0);\n exit(0);\n }\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "oraclelinux": [{"lastseen": "2019-05-29T18:34:31", "bulletinFamily": "unix", "cvelist": ["CVE-2012-1962", "CVE-2012-1950", "CVE-2012-1948", "CVE-2012-1953", "CVE-2012-1966", "CVE-2012-1954", "CVE-2012-1967", "CVE-2012-1961", "CVE-2012-1951", "CVE-2012-1952", "CVE-2012-1955", "CVE-2012-1965", "CVE-2012-1959", "CVE-2012-1957", "CVE-2012-1958", "CVE-2012-1964", "CVE-2012-1963"], "description": "firefox\n[10.0.6-1.0.1.el6_3]\n- Replace firefox-redhat-default-prefs.js with firefox-oracle-default-prefs.js\n[10.0.6-1]\n- Update to 10.0.6 ESR\n[10.0.5-3]\n- Enabled WebM\n[10.0.5-2]\n- Added fix for mozbz#703633, rhbz#818341\nxulrunner\n[10.0.6-1.0.1.el6_3]\n- Replace xulrunner-redhat-default-prefs.js with xulrunner-oracle-default-prefs.js\n[10.0.6-1]\n- Update to 10.0.6 ESR\n[10.0.5-3]\n- Added fix for rhbz#808136 (mozbz#762301)\n[10.0.5-2]\n- Enabled WebM (rhbz#798880)", "edition": 4, "modified": "2012-07-17T00:00:00", "published": "2012-07-17T00:00:00", "id": "ELSA-2012-1088", "href": "http://linux.oracle.com/errata/ELSA-2012-1088.html", "title": "firefox security update", "type": "oraclelinux", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:36:44", "bulletinFamily": "unix", "cvelist": ["CVE-2012-1962", "CVE-2012-1948", "CVE-2012-1953", "CVE-2012-1954", "CVE-2012-1967", "CVE-2012-1961", "CVE-2012-1951", "CVE-2012-1952", "CVE-2012-1955", "CVE-2012-1959", "CVE-2012-1957", "CVE-2012-1958", "CVE-2012-1964", "CVE-2012-1963"], "description": "[10.0.6-1.0.1.el6_3]\n- Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js\n- Replace clean.gif in tarball\n[10.0.6-1]\n- Update to 10.0.6 ESR", "edition": 4, "modified": "2012-07-17T00:00:00", "published": "2012-07-17T00:00:00", "id": "ELSA-2012-1089", "href": "http://linux.oracle.com/errata/ELSA-2012-1089.html", "title": "thunderbird security update", "type": "oraclelinux", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "nessus": [{"lastseen": "2021-01-01T03:48:16", "description": "The installed version of Firefox 10.0.x is potentially\naffected by the following security issues :\n\n - Several memory safety issues exist, some of which could\n potentially allow arbitrary code execution.\n (CVE-2012-1948)\n\n - An error related to drag and drop can allow incorrect\n URLs to be displayed. (CVE-2012-1950)\n\n - Several memory safety issues exist related to the Gecko\n layout engine. (CVE-2012-1951, CVE-2012-1952,\n CVE-2012-1953, CVE-2012-1954)\n\n - An error related to JavaScript functions\n 'history.forward' and 'history.back' can allow\n incorrect URLs to be displayed. (CVE-2012-1955)\n\n - Cross-site scripting attacks are possible due to an\n error related to the '<embed>' tag within an RSS\n '<description>' element. (CVE-2012-1957)\n\n - A use-after-free error exists related to the method\n 'nsGlobalWindow::PageHidden'. (CVE-2012-1958)\n\n - An error exists that can allow 'same-compartment\n security wrappers' (SCSW) to be bypassed.\n (CVE-2012-1959)\n \n - The 'X-Frames-Options' header is ignored if it is\n duplicated. (CVE-2012-1961)\n\n - A memory corruption error exists related to the method\n 'JSDependentString::undepend'. (CVE-2012-1962)\n\n - An error related to the 'Content Security Policy' (CSP)\n implementation can allow the disclosure of OAuth 2.0\n access tokens and OpenID credentials. (CVE-2012-1963)\n\n - An error exists related to the certificate warning page\n that can allow 'clickjacking' thereby tricking a user\n into accepting unintended certificates. (CVE-2012-1964)\n\n - An error exists related to the 'feed:' URL that can\n allow cross-site scripting attacks. (CVE-2012-1965)\n\n - Cross-site scripting attacks are possible due to an\n error related to the 'data:' URL and context menus.\n (CVE-2012-1966)\n\n - An error exists related to the 'javascript:' URL that\n can allow scripts to run at elevated privileges outside\n the sandbox. (CVE-2012-1967)", "edition": 25, "published": "2012-07-19T00:00:00", "title": "Firefox 10.0.x < 10.0.6 Multiple Vulnerabilities", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-1962", "CVE-2012-1950", "CVE-2012-1948", "CVE-2012-1953", "CVE-2012-1966", "CVE-2012-1954", "CVE-2012-1967", "CVE-2012-1961", "CVE-2012-1951", "CVE-2012-1952", "CVE-2012-1955", "CVE-2012-1965", "CVE-2012-1959", "CVE-2012-1957", "CVE-2012-1958", "CVE-2012-1964", "CVE-2012-1963"], "modified": "2021-01-02T00:00:00", "cpe": ["cpe:/a:mozilla:firefox"], "id": "MOZILLA_FIREFOX_1006.NASL", "href": "https://www.tenable.com/plugins/nessus/60042", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(60042);\n script_version(\"1.13\");\n script_cvs_date(\"Date: 2019/12/04\");\n\n script_cve_id(\n \"CVE-2012-1948\",\n \"CVE-2012-1950\",\n \"CVE-2012-1951\",\n \"CVE-2012-1952\",\n \"CVE-2012-1953\",\n \"CVE-2012-1954\",\n \"CVE-2012-1955\",\n \"CVE-2012-1957\",\n \"CVE-2012-1958\",\n \"CVE-2012-1959\",\n \"CVE-2012-1961\",\n \"CVE-2012-1962\",\n \"CVE-2012-1963\",\n \"CVE-2012-1964\",\n \"CVE-2012-1965\",\n \"CVE-2012-1966\",\n \"CVE-2012-1967\"\n );\n script_bugtraq_id(\n 54573,\n 54574,\n 54575,\n 54576,\n 54577,\n 54578,\n 54579,\n 54581,\n 54582,\n 54583,\n 54584,\n 54585,\n 54586\n );\n\n script_name(english:\"Firefox 10.0.x < 10.0.6 Multiple Vulnerabilities\");\n script_summary(english:\"Checks version of Firefox\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host contains a web browser that is affected by\nmultiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The installed version of Firefox 10.0.x is potentially\naffected by the following security issues :\n\n - Several memory safety issues exist, some of which could\n potentially allow arbitrary code execution.\n (CVE-2012-1948)\n\n - An error related to drag and drop can allow incorrect\n URLs to be displayed. (CVE-2012-1950)\n\n - Several memory safety issues exist related to the Gecko\n layout engine. (CVE-2012-1951, CVE-2012-1952,\n CVE-2012-1953, CVE-2012-1954)\n\n - An error related to JavaScript functions\n 'history.forward' and 'history.back' can allow\n incorrect URLs to be displayed. (CVE-2012-1955)\n\n - Cross-site scripting attacks are possible due to an\n error related to the '<embed>' tag within an RSS\n '<description>' element. (CVE-2012-1957)\n\n - A use-after-free error exists related to the method\n 'nsGlobalWindow::PageHidden'. (CVE-2012-1958)\n\n - An error exists that can allow 'same-compartment\n security wrappers' (SCSW) to be bypassed.\n (CVE-2012-1959)\n \n - The 'X-Frames-Options' header is ignored if it is\n duplicated. (CVE-2012-1961)\n\n - A memory corruption error exists related to the method\n 'JSDependentString::undepend'. (CVE-2012-1962)\n\n - An error related to the 'Content Security Policy' (CSP)\n implementation can allow the disclosure of OAuth 2.0\n access tokens and OpenID credentials. (CVE-2012-1963)\n\n - An error exists related to the certificate warning page\n that can allow 'clickjacking' thereby tricking a user\n into accepting unintended certificates. (CVE-2012-1964)\n\n - An error exists related to the 'feed:' URL that can\n allow cross-site scripting attacks. (CVE-2012-1965)\n\n - Cross-site scripting attacks are possible due to an\n error related to the 'data:' URL and context menus.\n (CVE-2012-1966)\n\n - An error exists related to the 'javascript:' URL that\n can allow scripts to run at elevated privileges outside\n the sandbox. (CVE-2012-1967)\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2012-42/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2012-43/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2012-44/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2012-45/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2012-46/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2012-47/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2012-48/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2012-49/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2012-51/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2012-52/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2012-53/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2012-54/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2012-55/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2012-56/\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Firefox 10.0.6 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2012-1967\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(20, 74, 79, 442, 629, 711, 712, 722, 725, 750, 751, 800, 801, 809, 811, 864, 900, 928, 931, 990);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/07/17\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/07/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/07/19\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:mozilla:firefox\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"mozilla_org_installed.nasl\");\n script_require_keys(\"Mozilla/Firefox/Version\");\n\n exit(0);\n}\n\ninclude(\"mozilla_version.inc\");\nport = get_kb_item_or_exit(\"SMB/transport\"); \n\ninstalls = get_kb_list(\"SMB/Mozilla/Firefox/*\");\nif (isnull(installs)) audit(AUDIT_NOT_INST, \"Firefox\");\n\nmozilla_check_version(installs:installs, product:'firefox', esr:TRUE, fix:'10.0.6', min:'10.0', severity:SECURITY_HOLE, xss:TRUE);", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-01T03:27:41", "description": "The installed version of Firefox is earlier than 10.0.6 and thus, is \npotentially affected by the following security issues :\n\n - Several memory safety issues exist, some of which could\n potentially allow arbitrary code execution.\n (CVE-2012-1948)\n\n - An error related to drag and drop can allow incorrect \n URLs to be displayed. (CVE-2012-1950)\n\n - Several memory safety issues exist related to the Gecko\n layout engine. (CVE-2012-1951, CVE-2012-1952,\n CVE-2012-1953, CVE-2012-1954)\n\n - An error related to JavaScript functions\n 'history.forward' and 'history.back' can allow\n incorrect URLs to be displayed. (CVE-2012-1955)\n\n - Cross-site scripting attacks are possible due to an\n error related to the '<embed>' tag within an RSS\n '<description>' element. (CVE-2012-1957)\n\n - A use-after-free error exists related to the method\n 'nsGlobalWindow::PageHidden'. (CVE-2012-1958)\n\n - An error exists that can allow 'same-compartment\n security wrappers' (SCSW) to be bypassed.\n (CVE-2012-1959)\n \n - The 'X-Frames-Options' header is ignored if it is\n duplicated. (CVE-2012-1961)\n\n - A memory corruption error exists related to the method\n 'JSDependentString::undepend'. (CVE-2012-1962)\n\n - An error related to the 'Content Security Policy' (CSP)\n implementation can allow the disclosure of OAuth 2.0\n access tokens and OpenID credentials. (CVE-2012-1963)\n\n - An error exists related to the certificate warning page\n that can allow 'clickjacking' thereby tricking a user \n into accepting unintended certificates. (CVE-2012-1964)\n\n - An error exists related to the 'feed:' URL that can\n allow cross-site scripting attacks. (CVE-2012-1965)\n\n - Cross-site scripting attacks are possible due to an\n error related to the 'data:' URL and context menus.\n (CVE-2012-1966)\n\n - An error exists related to the 'javascript:' URL that\n can allow scripts to run at elevated privileges outside\n the sandbox. (CVE-2012-1967)", "edition": 25, "published": "2012-07-19T00:00:00", "title": "Firefox < 10.0.6 Multiple Vulnerabilities (Mac OS X)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-1962", "CVE-2012-1950", "CVE-2012-1948", "CVE-2012-1953", "CVE-2012-1966", "CVE-2012-1954", "CVE-2012-1967", "CVE-2012-1961", "CVE-2012-1951", "CVE-2012-1952", "CVE-2012-1955", "CVE-2012-1965", "CVE-2012-1959", "CVE-2012-1957", "CVE-2012-1958", "CVE-2012-1964", "CVE-2012-1963"], "modified": "2021-01-02T00:00:00", "cpe": ["cpe:/a:mozilla:firefox"], "id": "MACOSX_FIREFOX_10_0_6.NASL", "href": "https://www.tenable.com/plugins/nessus/60038", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(60038);\n script_version(\"1.14\");\n script_cvs_date(\"Date: 2019/12/04\");\n\n script_cve_id(\n \"CVE-2012-1948\",\n \"CVE-2012-1950\",\n \"CVE-2012-1951\",\n \"CVE-2012-1952\",\n \"CVE-2012-1953\",\n \"CVE-2012-1954\",\n \"CVE-2012-1955\",\n \"CVE-2012-1957\",\n \"CVE-2012-1958\",\n \"CVE-2012-1959\",\n \"CVE-2012-1961\",\n \"CVE-2012-1962\",\n \"CVE-2012-1963\",\n \"CVE-2012-1964\",\n \"CVE-2012-1965\",\n \"CVE-2012-1966\",\n \"CVE-2012-1967\"\n );\n script_bugtraq_id(\n 54573,\n 54574,\n 54575,\n 54576,\n 54577,\n 54578,\n 54579,\n 54581,\n 54582,\n 54583,\n 54584,\n 54585,\n 54586\n );\n\n script_name(english:\"Firefox < 10.0.6 Multiple Vulnerabilities (Mac OS X)\");\n script_summary(english:\"Checks version of Firefox\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Mac OS X host contains a web browser that is affected by\nmultiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The installed version of Firefox is earlier than 10.0.6 and thus, is \npotentially affected by the following security issues :\n\n - Several memory safety issues exist, some of which could\n potentially allow arbitrary code execution.\n (CVE-2012-1948)\n\n - An error related to drag and drop can allow incorrect \n URLs to be displayed. (CVE-2012-1950)\n\n - Several memory safety issues exist related to the Gecko\n layout engine. (CVE-2012-1951, CVE-2012-1952,\n CVE-2012-1953, CVE-2012-1954)\n\n - An error related to JavaScript functions\n 'history.forward' and 'history.back' can allow\n incorrect URLs to be displayed. (CVE-2012-1955)\n\n - Cross-site scripting attacks are possible due to an\n error related to the '<embed>' tag within an RSS\n '<description>' element. (CVE-2012-1957)\n\n - A use-after-free error exists related to the method\n 'nsGlobalWindow::PageHidden'. (CVE-2012-1958)\n\n - An error exists that can allow 'same-compartment\n security wrappers' (SCSW) to be bypassed.\n (CVE-2012-1959)\n \n - The 'X-Frames-Options' header is ignored if it is\n duplicated. (CVE-2012-1961)\n\n - A memory corruption error exists related to the method\n 'JSDependentString::undepend'. (CVE-2012-1962)\n\n - An error related to the 'Content Security Policy' (CSP)\n implementation can allow the disclosure of OAuth 2.0\n access tokens and OpenID credentials. (CVE-2012-1963)\n\n - An error exists related to the certificate warning page\n that can allow 'clickjacking' thereby tricking a user \n into accepting unintended certificates. (CVE-2012-1964)\n\n - An error exists related to the 'feed:' URL that can\n allow cross-site scripting attacks. (CVE-2012-1965)\n\n - Cross-site scripting attacks are possible due to an\n error related to the 'data:' URL and context menus.\n (CVE-2012-1966)\n\n - An error exists related to the 'javascript:' URL that\n can allow scripts to run at elevated privileges outside\n the sandbox. (CVE-2012-1967)\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2012-42/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2012-43/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2012-44/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2012-45/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2012-46/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2012-47/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2012-48/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2012-49/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2012-51/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2012-52/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2012-53/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2012-54/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2012-55/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2012-56/\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Firefox 10.0.6 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2012-1967\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(20, 74, 79, 442, 629, 711, 712, 722, 725, 750, 751, 800, 801, 809, 811, 864, 900, 928, 931, 990);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/07/17\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/07/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/07/19\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:mozilla:firefox\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"MacOS X Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"macosx_firefox_installed.nasl\");\n script_require_keys(\"MacOSX/Firefox/Installed\");\n\n exit(0);\n}\n\ninclude(\"mozilla_version.inc\");\nkb_base = \"MacOSX/Firefox\";\nget_kb_item_or_exit(kb_base+\"/Installed\");\n\nversion = get_kb_item_or_exit(kb_base+\"/Version\", exit_code:1);\npath = get_kb_item_or_exit(kb_base+\"/Path\", exit_code:1);\n\nif (get_kb_item(kb_base + '/is_esr')) exit(0, 'The Mozilla Firefox installation is in the ESR branch.');\n\nmozilla_check_version(product:'firefox', version:version, path:path, esr:FALSE, fix:'10.0.6', severity:SECURITY_HOLE, xss:TRUE);", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-17T13:46:43", "description": "Mozilla Firefox is an open source web browser. XULRunner provides the\nXUL Runtime environment for Mozilla Firefox.\n\nA web page containing malicious content could cause Firefox to crash\nor, potentially, execute arbitrary code with the privileges of the\nuser running Firefox. (CVE-2012-1948, CVE-2012-1951, CVE-2012-1952,\nCVE-2012-1953, CVE-2012-1954, CVE-2012-1958, CVE-2012-1962,\nCVE-2012-1967)\n\nA malicious web page could bypass same-compartment security wrappers\n(SCSW) and execute arbitrary code with chrome privileges.\n(CVE-2012-1959)\n\nA flaw in the context menu functionality in Firefox could allow a\nmalicious website to bypass intended restrictions and allow a\ncross-site scripting attack. (CVE-2012-1966)\n\nA page different to that in the address bar could be displayed when\ndragging and dropping to the address bar, possibly making it easier\nfor a malicious site or user to perform a phishing attack.\n(CVE-2012-1950)\n\nA flaw in the way Firefox called history.forward and history.back\ncould allow an attacker to conceal a malicious URL, possibly tricking\na user into believing they are viewing a trusted site. (CVE-2012-1955)\n\nA flaw in a parser utility class used by Firefox to parse feeds (such\nas RSS) could allow an attacker to execute arbitrary JavaScript with\nthe privileges of the user running Firefox. This issue could have\naffected other browser components or add-ons that assume the class\nreturns sanitized input. (CVE-2012-1957)\n\nA flaw in the way Firefox handled X-Frame-Options headers could allow\na malicious website to perform a clickjacking attack. (CVE-2012-1961)\n\nA flaw in the way Content Security Policy (CSP) reports were generated\nby Firefox could allow a malicious web page to steal a victim's OAuth\n2.0 access tokens and OpenID credentials. (CVE-2012-1963)\n\nA flaw in the way Firefox handled certificate warnings could allow a\nman-in-the-middle attacker to create a crafted warning, possibly\ntricking a user into accepting an arbitrary certificate as trusted.\n(CVE-2012-1964)\n\nA flaw in the way Firefox handled feed:javascript URLs could allow\noutput filtering to be bypassed, possibly leading to a cross-site\nscripting attack. (CVE-2012-1965)\n\nThe a previous nss update introduced a mitigation for the\nCVE-2011-3389 flaw. For compatibility reasons, it remains disabled by\ndefault in the nss packages. This update makes Firefox enable the\nmitigation by default. It can be disabled by setting the\nNSS_SSL_CBC_RANDOM_IV environment variable to 0 before launching\nFirefox.\n\nFor technical details regarding these flaws, refer to the Mozilla\nsecurity advisories for Firefox 10.0.6 ESR.\n\nAll Firefox users should upgrade to these updated packages, which\ncontain Firefox version 10.0.6 ESR, which corrects these issues. After\ninstalling the update, Firefox must be restarted for the changes to\ntake effect.", "edition": 15, "published": "2012-08-01T00:00:00", "title": "Scientific Linux Security Update : firefox on SL5.x, SL6.x i386/x86_64 (20120717)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-1962", "CVE-2012-1950", "CVE-2012-1948", "CVE-2012-1953", "CVE-2012-1966", "CVE-2011-3389", "CVE-2012-1954", "CVE-2012-1967", "CVE-2012-1961", "CVE-2012-1951", "CVE-2012-1952", "CVE-2012-1955", "CVE-2012-1965", "CVE-2012-1959", "CVE-2012-1957", "CVE-2012-1958", "CVE-2012-1964", "CVE-2012-1963"], "modified": "2012-08-01T00:00:00", "cpe": ["p-cpe:/a:fermilab:scientific_linux:xulrunner-debuginfo", "p-cpe:/a:fermilab:scientific_linux:firefox", "p-cpe:/a:fermilab:scientific_linux:xulrunner-devel", "p-cpe:/a:fermilab:scientific_linux:firefox-debuginfo", "x-cpe:/o:fermilab:scientific_linux", "p-cpe:/a:fermilab:scientific_linux:xulrunner"], "id": "SL_20120717_FIREFOX_ON_SL5_X.NASL", "href": "https://www.tenable.com/plugins/nessus/61364", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(61364);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2012-1948\", \"CVE-2012-1950\", \"CVE-2012-1951\", \"CVE-2012-1955\", \"CVE-2012-1957\", \"CVE-2012-1958\", \"CVE-2012-1959\", \"CVE-2012-1961\", \"CVE-2012-1962\", \"CVE-2012-1963\", \"CVE-2012-1964\", \"CVE-2012-1965\", \"CVE-2012-1966\", \"CVE-2012-1967\");\n\n script_name(english:\"Scientific Linux Security Update : firefox on SL5.x, SL6.x i386/x86_64 (20120717)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Mozilla Firefox is an open source web browser. XULRunner provides the\nXUL Runtime environment for Mozilla Firefox.\n\nA web page containing malicious content could cause Firefox to crash\nor, potentially, execute arbitrary code with the privileges of the\nuser running Firefox. (CVE-2012-1948, CVE-2012-1951, CVE-2012-1952,\nCVE-2012-1953, CVE-2012-1954, CVE-2012-1958, CVE-2012-1962,\nCVE-2012-1967)\n\nA malicious web page could bypass same-compartment security wrappers\n(SCSW) and execute arbitrary code with chrome privileges.\n(CVE-2012-1959)\n\nA flaw in the context menu functionality in Firefox could allow a\nmalicious website to bypass intended restrictions and allow a\ncross-site scripting attack. (CVE-2012-1966)\n\nA page different to that in the address bar could be displayed when\ndragging and dropping to the address bar, possibly making it easier\nfor a malicious site or user to perform a phishing attack.\n(CVE-2012-1950)\n\nA flaw in the way Firefox called history.forward and history.back\ncould allow an attacker to conceal a malicious URL, possibly tricking\na user into believing they are viewing a trusted site. (CVE-2012-1955)\n\nA flaw in a parser utility class used by Firefox to parse feeds (such\nas RSS) could allow an attacker to execute arbitrary JavaScript with\nthe privileges of the user running Firefox. This issue could have\naffected other browser components or add-ons that assume the class\nreturns sanitized input. (CVE-2012-1957)\n\nA flaw in the way Firefox handled X-Frame-Options headers could allow\na malicious website to perform a clickjacking attack. (CVE-2012-1961)\n\nA flaw in the way Content Security Policy (CSP) reports were generated\nby Firefox could allow a malicious web page to steal a victim's OAuth\n2.0 access tokens and OpenID credentials. (CVE-2012-1963)\n\nA flaw in the way Firefox handled certificate warnings could allow a\nman-in-the-middle attacker to create a crafted warning, possibly\ntricking a user into accepting an arbitrary certificate as trusted.\n(CVE-2012-1964)\n\nA flaw in the way Firefox handled feed:javascript URLs could allow\noutput filtering to be bypassed, possibly leading to a cross-site\nscripting attack. (CVE-2012-1965)\n\nThe a previous nss update introduced a mitigation for the\nCVE-2011-3389 flaw. For compatibility reasons, it remains disabled by\ndefault in the nss packages. This update makes Firefox enable the\nmitigation by default. It can be disabled by setting the\nNSS_SSL_CBC_RANDOM_IV environment variable to 0 before launching\nFirefox.\n\nFor technical details regarding these flaws, refer to the Mozilla\nsecurity advisories for Firefox 10.0.6 ESR.\n\nAll Firefox users should upgrade to these updated packages, which\ncontain Firefox version 10.0.6 ESR, which corrects these issues. After\ninstalling the update, Firefox must be restarted for the changes to\ntake effect.\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1207&L=scientific-linux-errata&T=0&P=4902\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?c0d16259\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:firefox\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:firefox-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:xulrunner\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:xulrunner-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:xulrunner-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/07/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/07/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/08/01\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nos_ver = pregmatch(pattern: \"Scientific Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Scientific Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Scientific Linux 6.x\", \"Scientific Linux \" + os_ver);\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL5\", reference:\"firefox-10.0.6-1.el5_8\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"firefox-debuginfo-10.0.6-1.el5_8\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"xulrunner-10.0.6-2.el5_8\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"xulrunner-debuginfo-10.0.6-2.el5_8\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"xulrunner-devel-10.0.6-2.el5_8\")) flag++;\n\nif (rpm_check(release:\"SL6\", reference:\"firefox-10.0.6-1.el6_3\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"firefox-debuginfo-10.0.6-1.el6_3\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"xulrunner-10.0.6-1.el6_3\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"xulrunner-debuginfo-10.0.6-1.el6_3\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"xulrunner-devel-10.0.6-1.el6_3\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"firefox / firefox-debuginfo / xulrunner / xulrunner-debuginfo / etc\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-17T12:47:04", "description": "From Red Hat Security Advisory 2012:1088 :\n\nUpdated firefox packages that fix multiple security issues are now\navailable for Red Hat Enterprise Linux 5 and 6.\n\nThe Red Hat Security Response Team has rated this update as having\ncritical security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nMozilla Firefox is an open source web browser. XULRunner provides the\nXUL Runtime environment for Mozilla Firefox.\n\nA web page containing malicious content could cause Firefox to crash\nor, potentially, execute arbitrary code with the privileges of the\nuser running Firefox. (CVE-2012-1948, CVE-2012-1951, CVE-2012-1952,\nCVE-2012-1953, CVE-2012-1954, CVE-2012-1958, CVE-2012-1962,\nCVE-2012-1967)\n\nA malicious web page could bypass same-compartment security wrappers\n(SCSW) and execute arbitrary code with chrome privileges.\n(CVE-2012-1959)\n\nA flaw in the context menu functionality in Firefox could allow a\nmalicious website to bypass intended restrictions and allow a\ncross-site scripting attack. (CVE-2012-1966)\n\nA page different to that in the address bar could be displayed when\ndragging and dropping to the address bar, possibly making it easier\nfor a malicious site or user to perform a phishing attack.\n(CVE-2012-1950)\n\nA flaw in the way Firefox called history.forward and history.back\ncould allow an attacker to conceal a malicious URL, possibly tricking\na user into believing they are viewing a trusted site. (CVE-2012-1955)\n\nA flaw in a parser utility class used by Firefox to parse feeds (such\nas RSS) could allow an attacker to execute arbitrary JavaScript with\nthe privileges of the user running Firefox. This issue could have\naffected other browser components or add-ons that assume the class\nreturns sanitized input. (CVE-2012-1957)\n\nA flaw in the way Firefox handled X-Frame-Options headers could allow\na malicious website to perform a clickjacking attack. (CVE-2012-1961)\n\nA flaw in the way Content Security Policy (CSP) reports were generated\nby Firefox could allow a malicious web page to steal a victim's OAuth\n2.0 access tokens and OpenID credentials. (CVE-2012-1963)\n\nA flaw in the way Firefox handled certificate warnings could allow a\nman-in-the-middle attacker to create a crafted warning, possibly\ntricking a user into accepting an arbitrary certificate as trusted.\n(CVE-2012-1964)\n\nA flaw in the way Firefox handled feed:javascript URLs could allow\noutput filtering to be bypassed, possibly leading to a cross-site\nscripting attack. (CVE-2012-1965)\n\nThe nss update RHBA-2012:0337 for Red Hat Enterprise Linux 5 and 6\nintroduced a mitigation for the CVE-2011-3389 flaw. For compatibility\nreasons, it remains disabled by default in the nss packages. This\nupdate makes Firefox enable the mitigation by default. It can be\ndisabled by setting the NSS_SSL_CBC_RANDOM_IV environment variable to\n0 before launching Firefox. (BZ#838879)\n\nFor technical details regarding these flaws, refer to the Mozilla\nsecurity advisories for Firefox 10.0.6 ESR. You can find a link to the\nMozilla advisories in the References section of this erratum.\n\nRed Hat would like to thank the Mozilla project for reporting these\nissues. Upstream acknowledges Benoit Jacob, Jesse Ruderman, Christian\nHoller, Bill McCloskey, Abhishek Arya, Arthur Gerkis, Bill Keese,\nmoz_bug_r_a4, Bobby Holley, Code Audit Labs, Mariusz Mlynski, Mario\nHeiderich, Frederic Buclin, Karthikeyan Bhargavan, Matt McCutchen,\nMario Gomes, and Soroush Dalili as the original reporters of these\nissues.\n\nAll Firefox users should upgrade to these updated packages, which\ncontain Firefox version 10.0.6 ESR, which corrects these issues. After\ninstalling the update, Firefox must be restarted for the changes to\ntake effect.", "edition": 19, "published": "2013-07-12T00:00:00", "title": "Oracle Linux 5 / 6 : firefox (ELSA-2012-1088)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-1962", "CVE-2012-1950", "CVE-2012-1948", "CVE-2012-1953", "CVE-2012-1966", "CVE-2011-3389", "CVE-2012-1954", "CVE-2012-1967", "CVE-2012-1961", "CVE-2012-1951", "CVE-2012-1952", "CVE-2012-1955", "CVE-2012-1965", "CVE-2012-1959", "CVE-2012-1957", "CVE-2012-1958", "CVE-2012-1964", "CVE-2012-1963"], "modified": "2013-07-12T00:00:00", "cpe": ["cpe:/o:oracle:linux:6", "p-cpe:/a:oracle:linux:xulrunner", "p-cpe:/a:oracle:linux:firefox", "cpe:/o:oracle:linux:5", "p-cpe:/a:oracle:linux:xulrunner-devel"], "id": "ORACLELINUX_ELSA-2012-1088.NASL", "href": "https://www.tenable.com/plugins/nessus/68578", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2012:1088 and \n# Oracle Linux Security Advisory ELSA-2012-1088 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(68578);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2012-1948\", \"CVE-2012-1950\", \"CVE-2012-1951\", \"CVE-2012-1952\", \"CVE-2012-1953\", \"CVE-2012-1954\", \"CVE-2012-1955\", \"CVE-2012-1957\", \"CVE-2012-1958\", \"CVE-2012-1959\", \"CVE-2012-1961\", \"CVE-2012-1962\", \"CVE-2012-1963\", \"CVE-2012-1964\", \"CVE-2012-1965\", \"CVE-2012-1966\", \"CVE-2012-1967\");\n script_xref(name:\"RHSA\", value:\"2012:1088\");\n\n script_name(english:\"Oracle Linux 5 / 6 : firefox (ELSA-2012-1088)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"From Red Hat Security Advisory 2012:1088 :\n\nUpdated firefox packages that fix multiple security issues are now\navailable for Red Hat Enterprise Linux 5 and 6.\n\nThe Red Hat Security Response Team has rated this update as having\ncritical security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nMozilla Firefox is an open source web browser. XULRunner provides the\nXUL Runtime environment for Mozilla Firefox.\n\nA web page containing malicious content could cause Firefox to crash\nor, potentially, execute arbitrary code with the privileges of the\nuser running Firefox. (CVE-2012-1948, CVE-2012-1951, CVE-2012-1952,\nCVE-2012-1953, CVE-2012-1954, CVE-2012-1958, CVE-2012-1962,\nCVE-2012-1967)\n\nA malicious web page could bypass same-compartment security wrappers\n(SCSW) and execute arbitrary code with chrome privileges.\n(CVE-2012-1959)\n\nA flaw in the context menu functionality in Firefox could allow a\nmalicious website to bypass intended restrictions and allow a\ncross-site scripting attack. (CVE-2012-1966)\n\nA page different to that in the address bar could be displayed when\ndragging and dropping to the address bar, possibly making it easier\nfor a malicious site or user to perform a phishing attack.\n(CVE-2012-1950)\n\nA flaw in the way Firefox called history.forward and history.back\ncould allow an attacker to conceal a malicious URL, possibly tricking\na user into believing they are viewing a trusted site. (CVE-2012-1955)\n\nA flaw in a parser utility class used by Firefox to parse feeds (such\nas RSS) could allow an attacker to execute arbitrary JavaScript with\nthe privileges of the user running Firefox. This issue could have\naffected other browser components or add-ons that assume the class\nreturns sanitized input. (CVE-2012-1957)\n\nA flaw in the way Firefox handled X-Frame-Options headers could allow\na malicious website to perform a clickjacking attack. (CVE-2012-1961)\n\nA flaw in the way Content Security Policy (CSP) reports were generated\nby Firefox could allow a malicious web page to steal a victim's OAuth\n2.0 access tokens and OpenID credentials. (CVE-2012-1963)\n\nA flaw in the way Firefox handled certificate warnings could allow a\nman-in-the-middle attacker to create a crafted warning, possibly\ntricking a user into accepting an arbitrary certificate as trusted.\n(CVE-2012-1964)\n\nA flaw in the way Firefox handled feed:javascript URLs could allow\noutput filtering to be bypassed, possibly leading to a cross-site\nscripting attack. (CVE-2012-1965)\n\nThe nss update RHBA-2012:0337 for Red Hat Enterprise Linux 5 and 6\nintroduced a mitigation for the CVE-2011-3389 flaw. For compatibility\nreasons, it remains disabled by default in the nss packages. This\nupdate makes Firefox enable the mitigation by default. It can be\ndisabled by setting the NSS_SSL_CBC_RANDOM_IV environment variable to\n0 before launching Firefox. (BZ#838879)\n\nFor technical details regarding these flaws, refer to the Mozilla\nsecurity advisories for Firefox 10.0.6 ESR. You can find a link to the\nMozilla advisories in the References section of this erratum.\n\nRed Hat would like to thank the Mozilla project for reporting these\nissues. Upstream acknowledges Benoit Jacob, Jesse Ruderman, Christian\nHoller, Bill McCloskey, Abhishek Arya, Arthur Gerkis, Bill Keese,\nmoz_bug_r_a4, Bobby Holley, Code Audit Labs, Mariusz Mlynski, Mario\nHeiderich, Frederic Buclin, Karthikeyan Bhargavan, Matt McCutchen,\nMario Gomes, and Soroush Dalili as the original reporters of these\nissues.\n\nAll Firefox users should upgrade to these updated packages, which\ncontain Firefox version 10.0.6 ESR, which corrects these issues. After\ninstalling the update, Firefox must be restarted for the changes to\ntake effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2012-July/002939.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2012-July/002944.html\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\"Update the affected firefox packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:firefox\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:xulrunner\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:xulrunner-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/07/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/07/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(5|6)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 5 / 6\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL5\", reference:\"firefox-10.0.6-1.0.1.el5_8\", allowmaj:TRUE)) flag++;\nif (rpm_check(release:\"EL5\", reference:\"xulrunner-10.0.6-2.0.1.el5_8\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"xulrunner-devel-10.0.6-2.0.1.el5_8\")) flag++;\n\nif (rpm_check(release:\"EL6\", reference:\"firefox-10.0.6-1.0.1.el6_3\", allowmaj:TRUE)) flag++;\nif (rpm_check(release:\"EL6\", reference:\"xulrunner-10.0.6-1.0.1.el6_3\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"xulrunner-devel-10.0.6-1.0.1.el6_3\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"firefox / xulrunner / xulrunner-devel\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-17T13:10:58", "description": "Updated firefox packages that fix multiple security issues are now\navailable for Red Hat Enterprise Linux 5 and 6.\n\nThe Red Hat Security Response Team has rated this update as having\ncritical security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nMozilla Firefox is an open source web browser. XULRunner provides the\nXUL Runtime environment for Mozilla Firefox.\n\nA web page containing malicious content could cause Firefox to crash\nor, potentially, execute arbitrary code with the privileges of the\nuser running Firefox. (CVE-2012-1948, CVE-2012-1951, CVE-2012-1952,\nCVE-2012-1953, CVE-2012-1954, CVE-2012-1958, CVE-2012-1962,\nCVE-2012-1967)\n\nA malicious web page could bypass same-compartment security wrappers\n(SCSW) and execute arbitrary code with chrome privileges.\n(CVE-2012-1959)\n\nA flaw in the context menu functionality in Firefox could allow a\nmalicious website to bypass intended restrictions and allow a\ncross-site scripting attack. (CVE-2012-1966)\n\nA page different to that in the address bar could be displayed when\ndragging and dropping to the address bar, possibly making it easier\nfor a malicious site or user to perform a phishing attack.\n(CVE-2012-1950)\n\nA flaw in the way Firefox called history.forward and history.back\ncould allow an attacker to conceal a malicious URL, possibly tricking\na user into believing they are viewing a trusted site. (CVE-2012-1955)\n\nA flaw in a parser utility class used by Firefox to parse feeds (such\nas RSS) could allow an attacker to execute arbitrary JavaScript with\nthe privileges of the user running Firefox. This issue could have\naffected other browser components or add-ons that assume the class\nreturns sanitized input. (CVE-2012-1957)\n\nA flaw in the way Firefox handled X-Frame-Options headers could allow\na malicious website to perform a clickjacking attack. (CVE-2012-1961)\n\nA flaw in the way Content Security Policy (CSP) reports were generated\nby Firefox could allow a malicious web page to steal a victim's OAuth\n2.0 access tokens and OpenID credentials. (CVE-2012-1963)\n\nA flaw in the way Firefox handled certificate warnings could allow a\nman-in-the-middle attacker to create a crafted warning, possibly\ntricking a user into accepting an arbitrary certificate as trusted.\n(CVE-2012-1964)\n\nA flaw in the way Firefox handled feed:javascript URLs could allow\noutput filtering to be bypassed, possibly leading to a cross-site\nscripting attack. (CVE-2012-1965)\n\nThe nss update RHBA-2012:0337 for Red Hat Enterprise Linux 5 and 6\nintroduced a mitigation for the CVE-2011-3389 flaw. For compatibility\nreasons, it remains disabled by default in the nss packages. This\nupdate makes Firefox enable the mitigation by default. It can be\ndisabled by setting the NSS_SSL_CBC_RANDOM_IV environment variable to\n0 before launching Firefox. (BZ#838879)\n\nFor technical details regarding these flaws, refer to the Mozilla\nsecurity advisories for Firefox 10.0.6 ESR. You can find a link to the\nMozilla advisories in the References section of this erratum.\n\nRed Hat would like to thank the Mozilla project for reporting these\nissues. Upstream acknowledges Benoit Jacob, Jesse Ruderman, Christian\nHoller, Bill McCloskey, Abhishek Arya, Arthur Gerkis, Bill Keese,\nmoz_bug_r_a4, Bobby Holley, Code Audit Labs, Mariusz Mlynski, Mario\nHeiderich, Frederic Buclin, Karthikeyan Bhargavan, Matt McCutchen,\nMario Gomes, and Soroush Dalili as the original reporters of these\nissues.\n\nAll Firefox users should upgrade to these updated packages, which\ncontain Firefox version 10.0.6 ESR, which corrects these issues. After\ninstalling the update, Firefox must be restarted for the changes to\ntake effect.", "edition": 23, "published": "2012-07-18T00:00:00", "title": "RHEL 5 / 6 : firefox (RHSA-2012:1088)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-1962", "CVE-2012-1950", "CVE-2012-1948", "CVE-2012-1953", "CVE-2012-1966", "CVE-2011-3389", "CVE-2012-1954", "CVE-2012-1967", "CVE-2012-1961", "CVE-2012-1951", "CVE-2012-1952", "CVE-2012-1955", "CVE-2012-1965", "CVE-2012-1959", "CVE-2012-1957", "CVE-2012-1958", "CVE-2012-1964", "CVE-2012-1963"], "modified": "2012-07-18T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:5", "p-cpe:/a:redhat:enterprise_linux:xulrunner-debuginfo", "cpe:/o:redhat:enterprise_linux:6.3", "p-cpe:/a:redhat:enterprise_linux:xulrunner", "p-cpe:/a:redhat:enterprise_linux:firefox", "p-cpe:/a:redhat:enterprise_linux:firefox-debuginfo", "p-cpe:/a:redhat:enterprise_linux:xulrunner-devel", "cpe:/o:redhat:enterprise_linux:6"], "id": "REDHAT-RHSA-2012-1088.NASL", "href": "https://www.tenable.com/plugins/nessus/60008", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2012:1088. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(60008);\n script_version(\"1.25\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2012-1948\", \"CVE-2012-1950\", \"CVE-2012-1951\", \"CVE-2012-1952\", \"CVE-2012-1953\", \"CVE-2012-1954\", \"CVE-2012-1955\", \"CVE-2012-1957\", \"CVE-2012-1958\", \"CVE-2012-1959\", \"CVE-2012-1961\", \"CVE-2012-1962\", \"CVE-2012-1963\", \"CVE-2012-1964\", \"CVE-2012-1965\", \"CVE-2012-1966\", \"CVE-2012-1967\");\n script_xref(name:\"RHSA\", value:\"2012:1088\");\n\n script_name(english:\"RHEL 5 / 6 : firefox (RHSA-2012:1088)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"Updated firefox packages that fix multiple security issues are now\navailable for Red Hat Enterprise Linux 5 and 6.\n\nThe Red Hat Security Response Team has rated this update as having\ncritical security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nMozilla Firefox is an open source web browser. XULRunner provides the\nXUL Runtime environment for Mozilla Firefox.\n\nA web page containing malicious content could cause Firefox to crash\nor, potentially, execute arbitrary code with the privileges of the\nuser running Firefox. (CVE-2012-1948, CVE-2012-1951, CVE-2012-1952,\nCVE-2012-1953, CVE-2012-1954, CVE-2012-1958, CVE-2012-1962,\nCVE-2012-1967)\n\nA malicious web page could bypass same-compartment security wrappers\n(SCSW) and execute arbitrary code with chrome privileges.\n(CVE-2012-1959)\n\nA flaw in the context menu functionality in Firefox could allow a\nmalicious website to bypass intended restrictions and allow a\ncross-site scripting attack. (CVE-2012-1966)\n\nA page different to that in the address bar could be displayed when\ndragging and dropping to the address bar, possibly making it easier\nfor a malicious site or user to perform a phishing attack.\n(CVE-2012-1950)\n\nA flaw in the way Firefox called history.forward and history.back\ncould allow an attacker to conceal a malicious URL, possibly tricking\na user into believing they are viewing a trusted site. (CVE-2012-1955)\n\nA flaw in a parser utility class used by Firefox to parse feeds (such\nas RSS) could allow an attacker to execute arbitrary JavaScript with\nthe privileges of the user running Firefox. This issue could have\naffected other browser components or add-ons that assume the class\nreturns sanitized input. (CVE-2012-1957)\n\nA flaw in the way Firefox handled X-Frame-Options headers could allow\na malicious website to perform a clickjacking attack. (CVE-2012-1961)\n\nA flaw in the way Content Security Policy (CSP) reports were generated\nby Firefox could allow a malicious web page to steal a victim's OAuth\n2.0 access tokens and OpenID credentials. (CVE-2012-1963)\n\nA flaw in the way Firefox handled certificate warnings could allow a\nman-in-the-middle attacker to create a crafted warning, possibly\ntricking a user into accepting an arbitrary certificate as trusted.\n(CVE-2012-1964)\n\nA flaw in the way Firefox handled feed:javascript URLs could allow\noutput filtering to be bypassed, possibly leading to a cross-site\nscripting attack. (CVE-2012-1965)\n\nThe nss update RHBA-2012:0337 for Red Hat Enterprise Linux 5 and 6\nintroduced a mitigation for the CVE-2011-3389 flaw. For compatibility\nreasons, it remains disabled by default in the nss packages. This\nupdate makes Firefox enable the mitigation by default. It can be\ndisabled by setting the NSS_SSL_CBC_RANDOM_IV environment variable to\n0 before launching Firefox. (BZ#838879)\n\nFor technical details regarding these flaws, refer to the Mozilla\nsecurity advisories for Firefox 10.0.6 ESR. You can find a link to the\nMozilla advisories in the References section of this erratum.\n\nRed Hat would like to thank the Mozilla project for reporting these\nissues. Upstream acknowledges Benoit Jacob, Jesse Ruderman, Christian\nHoller, Bill McCloskey, Abhishek Arya, Arthur Gerkis, Bill Keese,\nmoz_bug_r_a4, Bobby Holley, Code Audit Labs, Mariusz Mlynski, Mario\nHeiderich, Frederic Buclin, Karthikeyan Bhargavan, Matt McCutchen,\nMario Gomes, and Soroush Dalili as the original reporters of these\nissues.\n\nAll Firefox users should upgrade to these updated packages, which\ncontain Firefox version 10.0.6 ESR, which corrects these issues. After\ninstalling the update, Firefox must be restarted for the changes to\ntake effect.\"\n );\n # http://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?a134523f\"\n );\n # https://rhn.redhat.com/errata/RHBA-2012-0337.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHBA-2012:0337\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2012:1088\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-1948\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-1967\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-1961\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-1964\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-1953\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-1952\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-1951\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-1957\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-1963\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-1955\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-1954\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-1962\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-1959\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-1958\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-1966\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-1950\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-1965\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:firefox\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:firefox-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:xulrunner\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:xulrunner-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:xulrunner-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6.3\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/07/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/07/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/07/18\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(5|6)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 5.x / 6.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2012:1088\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL5\", reference:\"firefox-10.0.6-1.el5_8\", allowmaj:TRUE)) flag++;\n\n if (rpm_check(release:\"RHEL5\", reference:\"firefox-debuginfo-10.0.6-1.el5_8\", allowmaj:TRUE)) flag++;\n\n if (rpm_check(release:\"RHEL5\", reference:\"xulrunner-10.0.6-2.el5_8\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", reference:\"xulrunner-debuginfo-10.0.6-2.el5_8\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", reference:\"xulrunner-devel-10.0.6-2.el5_8\")) flag++;\n\n\n if (rpm_check(release:\"RHEL6\", reference:\"firefox-10.0.6-1.el6_3\", allowmaj:TRUE)) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"firefox-debuginfo-10.0.6-1.el6_3\", allowmaj:TRUE)) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"xulrunner-10.0.6-1.el6_3\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"xulrunner-debuginfo-10.0.6-1.el6_3\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"xulrunner-devel-10.0.6-1.el6_3\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"firefox / firefox-debuginfo / xulrunner / xulrunner-debuginfo / etc\");\n }\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-17T13:10:58", "description": "An updated thunderbird package that fixes multiple security issues is\nnow available for Red Hat Enterprise Linux 5 and 6.\n\nThe Red Hat Security Response Team has rated this update as having\ncritical security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nMozilla Thunderbird is a standalone mail and newsgroup client.\n\nSeveral flaws were found in the processing of malformed content.\nMalicious content could cause Thunderbird to crash or, potentially,\nexecute arbitrary code with the privileges of the user running\nThunderbird. (CVE-2012-1948, CVE-2012-1951, CVE-2012-1952,\nCVE-2012-1953, CVE-2012-1954, CVE-2012-1958, CVE-2012-1962,\nCVE-2012-1967)\n\nMalicious content could bypass same-compartment security wrappers\n(SCSW) and execute arbitrary code with chrome privileges.\n(CVE-2012-1959)\n\nA flaw in the way Thunderbird called history.forward and history.back\ncould allow an attacker to conceal a malicious URL, possibly tricking\na user into believing they are viewing trusted content.\n(CVE-2012-1955)\n\nA flaw in a parser utility class used by Thunderbird to parse feeds\n(such as RSS) could allow an attacker to execute arbitrary JavaScript\nwith the privileges of the user running Thunderbird. This issue could\nhave affected other Thunderbird components or add-ons that assume the\nclass returns sanitized input. (CVE-2012-1957)\n\nA flaw in the way Thunderbird handled X-Frame-Options headers could\nallow malicious content to perform a clickjacking attack.\n(CVE-2012-1961)\n\nA flaw in the way Content Security Policy (CSP) reports were generated\nby Thunderbird could allow malicious content to steal a victim's OAuth\n2.0 access tokens and OpenID credentials. (CVE-2012-1963)\n\nA flaw in the way Thunderbird handled certificate warnings could allow\na man-in-the-middle attacker to create a crafted warning, possibly\ntricking a user into accepting an arbitrary certificate as trusted.\n(CVE-2012-1964)\n\nThe nss update RHBA-2012:0337 for Red Hat Enterprise Linux 5 and 6\nintroduced a mitigation for the CVE-2011-3389 flaw. For compatibility\nreasons, it remains disabled by default in the nss packages. This\nupdate makes Thunderbird enable the mitigation by default. It can be\ndisabled by setting the NSS_SSL_CBC_RANDOM_IV environment variable to\n0 before launching Thunderbird. (BZ#838879)\n\nRed Hat would like to thank the Mozilla project for reporting these\nissues. Upstream acknowledges Benoit Jacob, Jesse Ruderman, Christian\nHoller, Bill McCloskey, Abhishek Arya, Arthur Gerkis, Bill Keese,\nmoz_bug_r_a4, Bobby Holley, Mariusz Mlynski, Mario Heiderich, Frederic\nBuclin, Karthikeyan Bhargavan, and Matt McCutchen as the original\nreporters of these issues.\n\nNote: None of the issues in this advisory can be exploited by a\nspecially crafted HTML mail message as JavaScript is disabled by\ndefault for mail messages. They could be exploited another way in\nThunderbird, for example, when viewing the full remote content of an\nRSS feed.\n\nAll Thunderbird users should upgrade to this updated package, which\ncontains Thunderbird version 10.0.6 ESR, which corrects these issues.\nAfter installing the update, Thunderbird must be restarted for the\nchanges to take effect.", "edition": 23, "published": "2012-07-18T00:00:00", "title": "RHEL 5 / 6 : thunderbird (RHSA-2012:1089)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-1962", "CVE-2012-1948", "CVE-2012-1953", "CVE-2011-3389", "CVE-2012-1954", "CVE-2012-1967", "CVE-2012-1961", "CVE-2012-1951", "CVE-2012-1952", "CVE-2012-1955", "CVE-2012-1959", "CVE-2012-1957", "CVE-2012-1958", "CVE-2012-1964", "CVE-2012-1963"], "modified": "2012-07-18T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:5", "cpe:/o:redhat:enterprise_linux:6.3", "p-cpe:/a:redhat:enterprise_linux:thunderbird", "p-cpe:/a:redhat:enterprise_linux:thunderbird-debuginfo", "cpe:/o:redhat:enterprise_linux:6"], "id": "REDHAT-RHSA-2012-1089.NASL", "href": "https://www.tenable.com/plugins/nessus/60009", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2012:1089. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(60009);\n script_version(\"1.26\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2012-1948\", \"CVE-2012-1951\", \"CVE-2012-1952\", \"CVE-2012-1953\", \"CVE-2012-1954\", \"CVE-2012-1955\", \"CVE-2012-1957\", \"CVE-2012-1958\", \"CVE-2012-1959\", \"CVE-2012-1961\", \"CVE-2012-1962\", \"CVE-2012-1963\", \"CVE-2012-1964\", \"CVE-2012-1967\");\n script_xref(name:\"RHSA\", value:\"2012:1089\");\n\n script_name(english:\"RHEL 5 / 6 : thunderbird (RHSA-2012:1089)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"An updated thunderbird package that fixes multiple security issues is\nnow available for Red Hat Enterprise Linux 5 and 6.\n\nThe Red Hat Security Response Team has rated this update as having\ncritical security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nMozilla Thunderbird is a standalone mail and newsgroup client.\n\nSeveral flaws were found in the processing of malformed content.\nMalicious content could cause Thunderbird to crash or, potentially,\nexecute arbitrary code with the privileges of the user running\nThunderbird. (CVE-2012-1948, CVE-2012-1951, CVE-2012-1952,\nCVE-2012-1953, CVE-2012-1954, CVE-2012-1958, CVE-2012-1962,\nCVE-2012-1967)\n\nMalicious content could bypass same-compartment security wrappers\n(SCSW) and execute arbitrary code with chrome privileges.\n(CVE-2012-1959)\n\nA flaw in the way Thunderbird called history.forward and history.back\ncould allow an attacker to conceal a malicious URL, possibly tricking\na user into believing they are viewing trusted content.\n(CVE-2012-1955)\n\nA flaw in a parser utility class used by Thunderbird to parse feeds\n(such as RSS) could allow an attacker to execute arbitrary JavaScript\nwith the privileges of the user running Thunderbird. This issue could\nhave affected other Thunderbird components or add-ons that assume the\nclass returns sanitized input. (CVE-2012-1957)\n\nA flaw in the way Thunderbird handled X-Frame-Options headers could\nallow malicious content to perform a clickjacking attack.\n(CVE-2012-1961)\n\nA flaw in the way Content Security Policy (CSP) reports were generated\nby Thunderbird could allow malicious content to steal a victim's OAuth\n2.0 access tokens and OpenID credentials. (CVE-2012-1963)\n\nA flaw in the way Thunderbird handled certificate warnings could allow\na man-in-the-middle attacker to create a crafted warning, possibly\ntricking a user into accepting an arbitrary certificate as trusted.\n(CVE-2012-1964)\n\nThe nss update RHBA-2012:0337 for Red Hat Enterprise Linux 5 and 6\nintroduced a mitigation for the CVE-2011-3389 flaw. For compatibility\nreasons, it remains disabled by default in the nss packages. This\nupdate makes Thunderbird enable the mitigation by default. It can be\ndisabled by setting the NSS_SSL_CBC_RANDOM_IV environment variable to\n0 before launching Thunderbird. (BZ#838879)\n\nRed Hat would like to thank the Mozilla project for reporting these\nissues. Upstream acknowledges Benoit Jacob, Jesse Ruderman, Christian\nHoller, Bill McCloskey, Abhishek Arya, Arthur Gerkis, Bill Keese,\nmoz_bug_r_a4, Bobby Holley, Mariusz Mlynski, Mario Heiderich, Frederic\nBuclin, Karthikeyan Bhargavan, and Matt McCutchen as the original\nreporters of these issues.\n\nNote: None of the issues in this advisory can be exploited by a\nspecially crafted HTML mail message as JavaScript is disabled by\ndefault for mail messages. They could be exploited another way in\nThunderbird, for example, when viewing the full remote content of an\nRSS feed.\n\nAll Thunderbird users should upgrade to this updated package, which\ncontains Thunderbird version 10.0.6 ESR, which corrects these issues.\nAfter installing the update, Thunderbird must be restarted for the\nchanges to take effect.\"\n );\n # https://rhn.redhat.com/errata/RHBA-2012-0337.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHBA-2012:0337\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2012:1089\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-1948\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-1967\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-1961\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-1964\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-1953\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-1952\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-1951\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-1957\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-1963\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-1955\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-1954\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-1962\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-1959\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-1958\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"Update the affected thunderbird and / or thunderbird-debuginfo\npackages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:thunderbird\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:thunderbird-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6.3\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/07/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/07/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/07/18\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(5|6)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 5.x / 6.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2012:1089\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"thunderbird-10.0.6-1.el5_8\", allowmaj:TRUE)) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"thunderbird-10.0.6-1.el5_8\", allowmaj:TRUE)) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"thunderbird-debuginfo-10.0.6-1.el5_8\", allowmaj:TRUE)) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"thunderbird-debuginfo-10.0.6-1.el5_8\", allowmaj:TRUE)) flag++;\n\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"thunderbird-10.0.6-1.el6_3\", allowmaj:TRUE)) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"thunderbird-10.0.6-1.el6_3\", allowmaj:TRUE)) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"thunderbird-10.0.6-1.el6_3\", allowmaj:TRUE)) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"thunderbird-debuginfo-10.0.6-1.el6_3\", allowmaj:TRUE)) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"thunderbird-debuginfo-10.0.6-1.el6_3\", allowmaj:TRUE)) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"thunderbird-debuginfo-10.0.6-1.el6_3\", allowmaj:TRUE)) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"thunderbird / thunderbird-debuginfo\");\n }\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-17T12:47:04", "description": "From Red Hat Security Advisory 2012:1089 :\n\nAn updated thunderbird package that fixes multiple security issues is\nnow available for Red Hat Enterprise Linux 5 and 6.\n\nThe Red Hat Security Response Team has rated this update as having\ncritical security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nMozilla Thunderbird is a standalone mail and newsgroup client.\n\nSeveral flaws were found in the processing of malformed content.\nMalicious content could cause Thunderbird to crash or, potentially,\nexecute arbitrary code with the privileges of the user running\nThunderbird. (CVE-2012-1948, CVE-2012-1951, CVE-2012-1952,\nCVE-2012-1953, CVE-2012-1954, CVE-2012-1958, CVE-2012-1962,\nCVE-2012-1967)\n\nMalicious content could bypass same-compartment security wrappers\n(SCSW) and execute arbitrary code with chrome privileges.\n(CVE-2012-1959)\n\nA flaw in the way Thunderbird called history.forward and history.back\ncould allow an attacker to conceal a malicious URL, possibly tricking\na user into believing they are viewing trusted content.\n(CVE-2012-1955)\n\nA flaw in a parser utility class used by Thunderbird to parse feeds\n(such as RSS) could allow an attacker to execute arbitrary JavaScript\nwith the privileges of the user running Thunderbird. This issue could\nhave affected other Thunderbird components or add-ons that assume the\nclass returns sanitized input. (CVE-2012-1957)\n\nA flaw in the way Thunderbird handled X-Frame-Options headers could\nallow malicious content to perform a clickjacking attack.\n(CVE-2012-1961)\n\nA flaw in the way Content Security Policy (CSP) reports were generated\nby Thunderbird could allow malicious content to steal a victim's OAuth\n2.0 access tokens and OpenID credentials. (CVE-2012-1963)\n\nA flaw in the way Thunderbird handled certificate warnings could allow\na man-in-the-middle attacker to create a crafted warning, possibly\ntricking a user into accepting an arbitrary certificate as trusted.\n(CVE-2012-1964)\n\nThe nss update RHBA-2012:0337 for Red Hat Enterprise Linux 5 and 6\nintroduced a mitigation for the CVE-2011-3389 flaw. For compatibility\nreasons, it remains disabled by default in the nss packages. This\nupdate makes Thunderbird enable the mitigation by default. It can be\ndisabled by setting the NSS_SSL_CBC_RANDOM_IV environment variable to\n0 before launching Thunderbird. (BZ#838879)\n\nRed Hat would like to thank the Mozilla project for reporting these\nissues. Upstream acknowledges Benoit Jacob, Jesse Ruderman, Christian\nHoller, Bill McCloskey, Abhishek Arya, Arthur Gerkis, Bill Keese,\nmoz_bug_r_a4, Bobby Holley, Mariusz Mlynski, Mario Heiderich, Frederic\nBuclin, Karthikeyan Bhargavan, and Matt McCutchen as the original\nreporters of these issues.\n\nNote: None of the issues in this advisory can be exploited by a\nspecially crafted HTML mail message as JavaScript is disabled by\ndefault for mail messages. They could be exploited another way in\nThunderbird, for example, when viewing the full remote content of an\nRSS feed.\n\nAll Thunderbird users should upgrade to this updated package, which\ncontains Thunderbird version 10.0.6 ESR, which corrects these issues.\nAfter installing the update, Thunderbird must be restarted for the\nchanges to take effect.", "edition": 20, "published": "2013-07-12T00:00:00", "title": "Oracle Linux 6 : thunderbird (ELSA-2012-1089)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-1962", "CVE-2012-1948", "CVE-2012-1953", "CVE-2011-3389", "CVE-2012-1954", "CVE-2012-1967", "CVE-2012-1961", "CVE-2012-1951", "CVE-2012-1952", "CVE-2012-1955", "CVE-2012-1959", "CVE-2012-1957", "CVE-2012-1958", "CVE-2012-1964", "CVE-2012-1963"], "modified": "2013-07-12T00:00:00", "cpe": ["cpe:/o:oracle:linux:6", "p-cpe:/a:oracle:linux:thunderbird"], "id": "ORACLELINUX_ELSA-2012-1089.NASL", "href": "https://www.tenable.com/plugins/nessus/68579", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2012:1089 and \n# Oracle Linux Security Advisory ELSA-2012-1089 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(68579);\n script_version(\"1.13\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2012-1948\", \"CVE-2012-1951\", \"CVE-2012-1952\", \"CVE-2012-1953\", \"CVE-2012-1954\", \"CVE-2012-1955\", \"CVE-2012-1957\", \"CVE-2012-1958\", \"CVE-2012-1959\", \"CVE-2012-1961\", \"CVE-2012-1962\", \"CVE-2012-1963\", \"CVE-2012-1964\", \"CVE-2012-1967\");\n script_xref(name:\"RHSA\", value:\"2012:1089\");\n\n script_name(english:\"Oracle Linux 6 : thunderbird (ELSA-2012-1089)\");\n script_summary(english:\"Checks rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Oracle Linux host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"From Red Hat Security Advisory 2012:1089 :\n\nAn updated thunderbird package that fixes multiple security issues is\nnow available for Red Hat Enterprise Linux 5 and 6.\n\nThe Red Hat Security Response Team has rated this update as having\ncritical security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nMozilla Thunderbird is a standalone mail and newsgroup client.\n\nSeveral flaws were found in the processing of malformed content.\nMalicious content could cause Thunderbird to crash or, potentially,\nexecute arbitrary code with the privileges of the user running\nThunderbird. (CVE-2012-1948, CVE-2012-1951, CVE-2012-1952,\nCVE-2012-1953, CVE-2012-1954, CVE-2012-1958, CVE-2012-1962,\nCVE-2012-1967)\n\nMalicious content could bypass same-compartment security wrappers\n(SCSW) and execute arbitrary code with chrome privileges.\n(CVE-2012-1959)\n\nA flaw in the way Thunderbird called history.forward and history.back\ncould allow an attacker to conceal a malicious URL, possibly tricking\na user into believing they are viewing trusted content.\n(CVE-2012-1955)\n\nA flaw in a parser utility class used by Thunderbird to parse feeds\n(such as RSS) could allow an attacker to execute arbitrary JavaScript\nwith the privileges of the user running Thunderbird. This issue could\nhave affected other Thunderbird components or add-ons that assume the\nclass returns sanitized input. (CVE-2012-1957)\n\nA flaw in the way Thunderbird handled X-Frame-Options headers could\nallow malicious content to perform a clickjacking attack.\n(CVE-2012-1961)\n\nA flaw in the way Content Security Policy (CSP) reports were generated\nby Thunderbird could allow malicious content to steal a victim's OAuth\n2.0 access tokens and OpenID credentials. (CVE-2012-1963)\n\nA flaw in the way Thunderbird handled certificate warnings could allow\na man-in-the-middle attacker to create a crafted warning, possibly\ntricking a user into accepting an arbitrary certificate as trusted.\n(CVE-2012-1964)\n\nThe nss update RHBA-2012:0337 for Red Hat Enterprise Linux 5 and 6\nintroduced a mitigation for the CVE-2011-3389 flaw. For compatibility\nreasons, it remains disabled by default in the nss packages. This\nupdate makes Thunderbird enable the mitigation by default. It can be\ndisabled by setting the NSS_SSL_CBC_RANDOM_IV environment variable to\n0 before launching Thunderbird. (BZ#838879)\n\nRed Hat would like to thank the Mozilla project for reporting these\nissues. Upstream acknowledges Benoit Jacob, Jesse Ruderman, Christian\nHoller, Bill McCloskey, Abhishek Arya, Arthur Gerkis, Bill Keese,\nmoz_bug_r_a4, Bobby Holley, Mariusz Mlynski, Mario Heiderich, Frederic\nBuclin, Karthikeyan Bhargavan, and Matt McCutchen as the original\nreporters of these issues.\n\nNote: None of the issues in this advisory can be exploited by a\nspecially crafted HTML mail message as JavaScript is disabled by\ndefault for mail messages. They could be exploited another way in\nThunderbird, for example, when viewing the full remote content of an\nRSS feed.\n\nAll Thunderbird users should upgrade to this updated package, which\ncontains Thunderbird version 10.0.6 ESR, which corrects these issues.\nAfter installing the update, Thunderbird must be restarted for the\nchanges to take effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2012-July/002940.html\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\"Update the affected thunderbird package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:thunderbird\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/07/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/07/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 6\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL6\", reference:\"thunderbird-10.0.6-1.0.1.el6_3\", allowmaj:TRUE)) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"thunderbird\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-06T09:27:52", "description": "An updated thunderbird package that fixes multiple security issues is\nnow available for Red Hat Enterprise Linux 5 and 6.\n\nThe Red Hat Security Response Team has rated this update as having\ncritical security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nMozilla Thunderbird is a standalone mail and newsgroup client.\n\nSeveral flaws were found in the processing of malformed content.\nMalicious content could cause Thunderbird to crash or, potentially,\nexecute arbitrary code with the privileges of the user running\nThunderbird. (CVE-2012-1948, CVE-2012-1951, CVE-2012-1952,\nCVE-2012-1953, CVE-2012-1954, CVE-2012-1958, CVE-2012-1962,\nCVE-2012-1967)\n\nMalicious content could bypass same-compartment security wrappers\n(SCSW) and execute arbitrary code with chrome privileges.\n(CVE-2012-1959)\n\nA flaw in the way Thunderbird called history.forward and history.back\ncould allow an attacker to conceal a malicious URL, possibly tricking\na user into believing they are viewing trusted content.\n(CVE-2012-1955)\n\nA flaw in a parser utility class used by Thunderbird to parse feeds\n(such as RSS) could allow an attacker to execute arbitrary JavaScript\nwith the privileges of the user running Thunderbird. This issue could\nhave affected other Thunderbird components or add-ons that assume the\nclass returns sanitized input. (CVE-2012-1957)\n\nA flaw in the way Thunderbird handled X-Frame-Options headers could\nallow malicious content to perform a clickjacking attack.\n(CVE-2012-1961)\n\nA flaw in the way Content Security Policy (CSP) reports were generated\nby Thunderbird could allow malicious content to steal a victim's OAuth\n2.0 access tokens and OpenID credentials. (CVE-2012-1963)\n\nA flaw in the way Thunderbird handled certificate warnings could allow\na man-in-the-middle attacker to create a crafted warning, possibly\ntricking a user into accepting an arbitrary certificate as trusted.\n(CVE-2012-1964)\n\nThe nss update RHBA-2012:0337 for Red Hat Enterprise Linux 5 and 6\nintroduced a mitigation for the CVE-2011-3389 flaw. For compatibility\nreasons, it remains disabled by default in the nss packages. This\nupdate makes Thunderbird enable the mitigation by default. It can be\ndisabled by setting the NSS_SSL_CBC_RANDOM_IV environment variable to\n0 before launching Thunderbird. (BZ#838879)\n\nRed Hat would like to thank the Mozilla project for reporting these\nissues. Upstream acknowledges Benoit Jacob, Jesse Ruderman, Christian\nHoller, Bill McCloskey, Abhishek Arya, Arthur Gerkis, Bill Keese,\nmoz_bug_r_a4, Bobby Holley, Mariusz Mlynski, Mario Heiderich, Frederic\nBuclin, Karthikeyan Bhargavan, and Matt McCutchen as the original\nreporters of these issues.\n\nNote: None of the issues in this advisory can be exploited by a\nspecially crafted HTML mail message as JavaScript is disabled by\ndefault for mail messages. They could be exploited another way in\nThunderbird, for example, when viewing the full remote content of an\nRSS feed.\n\nAll Thunderbird users should upgrade to this updated package, which\ncontains Thunderbird version 10.0.6 ESR, which corrects these issues.\nAfter installing the update, Thunderbird must be restarted for the\nchanges to take effect.", "edition": 22, "published": "2012-07-18T00:00:00", "title": "CentOS 5 / 6 : thunderbird (CESA-2012:1089)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-1962", "CVE-2012-1948", "CVE-2012-1953", "CVE-2011-3389", "CVE-2012-1954", "CVE-2012-1967", "CVE-2012-1961", "CVE-2012-1951", "CVE-2012-1952", "CVE-2012-1955", "CVE-2012-1959", "CVE-2012-1957", "CVE-2012-1958", "CVE-2012-1964", "CVE-2012-1963"], "modified": "2012-07-18T00:00:00", "cpe": ["cpe:/o:centos:centos:6", "p-cpe:/a:centos:centos:thunderbird", "cpe:/o:centos:centos:5"], "id": "CENTOS_RHSA-2012-1089.NASL", "href": "https://www.tenable.com/plugins/nessus/59999", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2012:1089 and \n# CentOS Errata and Security Advisory 2012:1089 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(59999);\n script_version(\"1.17\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2012-1948\", \"CVE-2012-1951\", \"CVE-2012-1952\", \"CVE-2012-1953\", \"CVE-2012-1954\", \"CVE-2012-1955\", \"CVE-2012-1957\", \"CVE-2012-1958\", \"CVE-2012-1959\", \"CVE-2012-1961\", \"CVE-2012-1962\", \"CVE-2012-1963\", \"CVE-2012-1964\", \"CVE-2012-1967\");\n script_xref(name:\"RHSA\", value:\"2012:1089\");\n\n script_name(english:\"CentOS 5 / 6 : thunderbird (CESA-2012:1089)\");\n script_summary(english:\"Checks rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote CentOS host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"An updated thunderbird package that fixes multiple security issues is\nnow available for Red Hat Enterprise Linux 5 and 6.\n\nThe Red Hat Security Response Team has rated this update as having\ncritical security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nMozilla Thunderbird is a standalone mail and newsgroup client.\n\nSeveral flaws were found in the processing of malformed content.\nMalicious content could cause Thunderbird to crash or, potentially,\nexecute arbitrary code with the privileges of the user running\nThunderbird. (CVE-2012-1948, CVE-2012-1951, CVE-2012-1952,\nCVE-2012-1953, CVE-2012-1954, CVE-2012-1958, CVE-2012-1962,\nCVE-2012-1967)\n\nMalicious content could bypass same-compartment security wrappers\n(SCSW) and execute arbitrary code with chrome privileges.\n(CVE-2012-1959)\n\nA flaw in the way Thunderbird called history.forward and history.back\ncould allow an attacker to conceal a malicious URL, possibly tricking\na user into believing they are viewing trusted content.\n(CVE-2012-1955)\n\nA flaw in a parser utility class used by Thunderbird to parse feeds\n(such as RSS) could allow an attacker to execute arbitrary JavaScript\nwith the privileges of the user running Thunderbird. This issue could\nhave affected other Thunderbird components or add-ons that assume the\nclass returns sanitized input. (CVE-2012-1957)\n\nA flaw in the way Thunderbird handled X-Frame-Options headers could\nallow malicious content to perform a clickjacking attack.\n(CVE-2012-1961)\n\nA flaw in the way Content Security Policy (CSP) reports were generated\nby Thunderbird could allow malicious content to steal a victim's OAuth\n2.0 access tokens and OpenID credentials. (CVE-2012-1963)\n\nA flaw in the way Thunderbird handled certificate warnings could allow\na man-in-the-middle attacker to create a crafted warning, possibly\ntricking a user into accepting an arbitrary certificate as trusted.\n(CVE-2012-1964)\n\nThe nss update RHBA-2012:0337 for Red Hat Enterprise Linux 5 and 6\nintroduced a mitigation for the CVE-2011-3389 flaw. For compatibility\nreasons, it remains disabled by default in the nss packages. This\nupdate makes Thunderbird enable the mitigation by default. It can be\ndisabled by setting the NSS_SSL_CBC_RANDOM_IV environment variable to\n0 before launching Thunderbird. (BZ#838879)\n\nRed Hat would like to thank the Mozilla project for reporting these\nissues. Upstream acknowledges Benoit Jacob, Jesse Ruderman, Christian\nHoller, Bill McCloskey, Abhishek Arya, Arthur Gerkis, Bill Keese,\nmoz_bug_r_a4, Bobby Holley, Mariusz Mlynski, Mario Heiderich, Frederic\nBuclin, Karthikeyan Bhargavan, and Matt McCutchen as the original\nreporters of these issues.\n\nNote: None of the issues in this advisory can be exploited by a\nspecially crafted HTML mail message as JavaScript is disabled by\ndefault for mail messages. They could be exploited another way in\nThunderbird, for example, when viewing the full remote content of an\nRSS feed.\n\nAll Thunderbird users should upgrade to this updated package, which\ncontains Thunderbird version 10.0.6 ESR, which corrects these issues.\nAfter installing the update, Thunderbird must be restarted for the\nchanges to take effect.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2012-July/018745.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?63b8dece\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2012-July/018748.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?6ac2b36a\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\"Update the affected thunderbird package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2012-1951\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:thunderbird\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/07/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/07/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/07/18\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(5|6)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 5.x / 6.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-5\", reference:\"thunderbird-10.0.6-1.el5.centos\", allowmaj:TRUE)) flag++;\n\nif (rpm_check(release:\"CentOS-6\", reference:\"thunderbird-10.0.6-1.el6.centos\", allowmaj:TRUE)) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"thunderbird\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-17T13:46:44", "description": "Mozilla Thunderbird is a standalone mail and newsgroup client.\n\nSeveral flaws were found in the processing of malformed content.\nMalicious content could cause Thunderbird to crash or, potentially,\nexecute arbitrary code with the privileges of the user running\nThunderbird. (CVE-2012-1948, CVE-2012-1951, CVE-2012-1952,\nCVE-2012-1953, CVE-2012-1954, CVE-2012-1958, CVE-2012-1962,\nCVE-2012-1967)\n\nMalicious content could bypass same-compartment security wrappers\n(SCSW) and execute arbitrary code with chrome privileges.\n(CVE-2012-1959)\n\nA flaw in the way Thunderbird called history.forward and history.back\ncould allow an attacker to conceal a malicious URL, possibly tricking\na user into believing they are viewing trusted content.\n(CVE-2012-1955)\n\nA flaw in a parser utility class used by Thunderbird to parse feeds\n(such as RSS) could allow an attacker to execute arbitrary JavaScript\nwith the privileges of the user running Thunderbird. This issue could\nhave affected other Thunderbird components or add-ons that assume the\nclass returns sanitized input. (CVE-2012-1957)\n\nA flaw in the way Thunderbird handled X-Frame-Options headers could\nallow malicious content to perform a clickjacking attack.\n(CVE-2012-1961)\n\nA flaw in the way Content Security Policy (CSP) reports were generated\nby Thunderbird could allow malicious content to steal a victim's OAuth\n2.0 access tokens and OpenID credentials. (CVE-2012-1963)\n\nA flaw in the way Thunderbird handled certificate warnings could allow\na man-in-the-middle attacker to create a crafted warning, possibly\ntricking a user into accepting an arbitrary certificate as trusted.\n(CVE-2012-1964)\n\nA previous nss update introduced a mitigation for the CVE-2011-3389\nflaw. For compatibility reasons, it remains disabled by default in the\nnss packages. This update makes Thunderbird enable the mitigation by\ndefault. It can be disabled by setting the NSS_SSL_CBC_RANDOM_IV\nenvironment variable to 0 before launching Thunderbird.\n\nNote: None of the issues in this advisory can be exploited by a\nspecially crafted HTML mail message as JavaScript is disabled by\ndefault for mail messages. They could be exploited another way in\nThunderbird, for example, when viewing the full remote content of an\nRSS feed.\n\nAll Thunderbird users should upgrade to this updated package, which\ncontains Thunderbird version 10.0.6 ESR, which corrects these issues.\nAfter installing the update, Thunderbird must be restarted for the\nchanges to take effect.", "edition": 15, "published": "2012-08-01T00:00:00", "title": "Scientific Linux Security Update : thunderbird on SL5.x, SL6.x i386/x86_64 (20120717)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-1962", "CVE-2012-1948", "CVE-2012-1953", "CVE-2011-3389", "CVE-2012-1954", "CVE-2012-1967", "CVE-2012-1961", "CVE-2012-1951", "CVE-2012-1952", "CVE-2012-1955", "CVE-2012-1959", "CVE-2012-1957", "CVE-2012-1958", "CVE-2012-1964", "CVE-2012-1963"], "modified": "2012-08-01T00:00:00", "cpe": ["p-cpe:/a:fermilab:scientific_linux:thunderbird", "p-cpe:/a:fermilab:scientific_linux:thunderbird-debuginfo", "x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20120717_THUNDERBIRD_ON_SL5_X.NASL", "href": "https://www.tenable.com/plugins/nessus/61367", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(61367);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2012-1948\", \"CVE-2012-1951\", \"CVE-2012-1955\", \"CVE-2012-1957\", \"CVE-2012-1958\", \"CVE-2012-1959\", \"CVE-2012-1961\", \"CVE-2012-1962\", \"CVE-2012-1963\", \"CVE-2012-1964\", \"CVE-2012-1967\");\n\n script_name(english:\"Scientific Linux Security Update : thunderbird on SL5.x, SL6.x i386/x86_64 (20120717)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Mozilla Thunderbird is a standalone mail and newsgroup client.\n\nSeveral flaws were found in the processing of malformed content.\nMalicious content could cause Thunderbird to crash or, potentially,\nexecute arbitrary code with the privileges of the user running\nThunderbird. (CVE-2012-1948, CVE-2012-1951, CVE-2012-1952,\nCVE-2012-1953, CVE-2012-1954, CVE-2012-1958, CVE-2012-1962,\nCVE-2012-1967)\n\nMalicious content could bypass same-compartment security wrappers\n(SCSW) and execute arbitrary code with chrome privileges.\n(CVE-2012-1959)\n\nA flaw in the way Thunderbird called history.forward and history.back\ncould allow an attacker to conceal a malicious URL, possibly tricking\na user into believing they are viewing trusted content.\n(CVE-2012-1955)\n\nA flaw in a parser utility class used by Thunderbird to parse feeds\n(such as RSS) could allow an attacker to execute arbitrary JavaScript\nwith the privileges of the user running Thunderbird. This issue could\nhave affected other Thunderbird components or add-ons that assume the\nclass returns sanitized input. (CVE-2012-1957)\n\nA flaw in the way Thunderbird handled X-Frame-Options headers could\nallow malicious content to perform a clickjacking attack.\n(CVE-2012-1961)\n\nA flaw in the way Content Security Policy (CSP) reports were generated\nby Thunderbird could allow malicious content to steal a victim's OAuth\n2.0 access tokens and OpenID credentials. (CVE-2012-1963)\n\nA flaw in the way Thunderbird handled certificate warnings could allow\na man-in-the-middle attacker to create a crafted warning, possibly\ntricking a user into accepting an arbitrary certificate as trusted.\n(CVE-2012-1964)\n\nA previous nss update introduced a mitigation for the CVE-2011-3389\nflaw. For compatibility reasons, it remains disabled by default in the\nnss packages. This update makes Thunderbird enable the mitigation by\ndefault. It can be disabled by setting the NSS_SSL_CBC_RANDOM_IV\nenvironment variable to 0 before launching Thunderbird.\n\nNote: None of the issues in this advisory can be exploited by a\nspecially crafted HTML mail message as JavaScript is disabled by\ndefault for mail messages. They could be exploited another way in\nThunderbird, for example, when viewing the full remote content of an\nRSS feed.\n\nAll Thunderbird users should upgrade to this updated package, which\ncontains Thunderbird version 10.0.6 ESR, which corrects these issues.\nAfter installing the update, Thunderbird must be restarted for the\nchanges to take effect.\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1207&L=scientific-linux-errata&T=0&P=5041\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?0d45e8a9\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected thunderbird and / or thunderbird-debuginfo\npackages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:thunderbird\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:thunderbird-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/07/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/07/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/08/01\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nos_ver = pregmatch(pattern: \"Scientific Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Scientific Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Scientific Linux 6.x\", \"Scientific Linux \" + os_ver);\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL5\", reference:\"thunderbird-10.0.6-1.el5_8\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"thunderbird-debuginfo-10.0.6-1.el5_8\")) flag++;\n\nif (rpm_check(release:\"SL6\", reference:\"thunderbird-10.0.6-1.el6_3\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"thunderbird-debuginfo-10.0.6-1.el6_3\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"thunderbird / thunderbird-debuginfo\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-01T03:52:01", "description": "The installed version of Thunderbird 10.0.x is potentially affected \nby the following security issues :\n\n - Several memory safety issues exist, some of which could\n potentially allow arbitrary code execution.\n (CVE-2012-1948)\n\n - Several memory safety issues exist related to the Gecko\n layout engine. (CVE-2012-1951, CVE-2012-1952,\n CVE-2012-1953, CVE-2012-1954)\n\n - An error related to JavaScript functions\n 'history.forward' and 'history.back' can allow\n incorrect URLs to be displayed. (CVE-2012-1955)\n\n - Cross-site scripting attacks are possible due to an\n error related to the '<embed>' tag within an RSS\n '<description>' element. (CVE-2012-1957)\n\n - A use-after-free error exists related to the method\n 'nsGlobalWindow::PageHidden'. (CVE-2012-1958)\n\n - An error exists that can allow 'same-compartment\n security wrappers' (SCSW) to be bypassed.\n (CVE-2012-1959)\n\n - The 'X-Frames-Options' header is ignored if it is\n duplicated. (CVE-2012-1961)\n\n - A memory corruption error exists related to the method\n 'JSDependentString::undepend'. (CVE-2012-1962)\n\n - An error related to the 'Content Security Policy' (CSP)\n implementation can allow the disclosure of OAuth 2.0\n access tokens and OpenID credentials. (CVE-2012-1963)\n\n - An error exists related to the certificate warning page\n that can allow 'clickjacking' thereby tricking a user\n into accepting unintended certificates. (CVE-2012-1964)\n\n - An error exists related to the 'javascript:' URL that\n can allow scripts to run at elevated privileges outside\n the sandbox. (CVE-2012-1967)", "edition": 25, "published": "2012-07-19T00:00:00", "title": "Mozilla Thunderbird 10.0.x < 10.0.6 Multiple Vulnerabilities", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-1962", "CVE-2012-1948", "CVE-2012-1953", "CVE-2012-1954", "CVE-2012-1967", "CVE-2012-1961", "CVE-2012-1951", "CVE-2012-1952", "CVE-2012-1955", "CVE-2012-1959", "CVE-2012-1957", "CVE-2012-1958", "CVE-2012-1964", "CVE-2012-1963"], "modified": "2021-01-02T00:00:00", "cpe": ["cpe:/a:mozilla:thunderbird"], "id": "MOZILLA_THUNDERBIRD_1006.NASL", "href": "https://www.tenable.com/plugins/nessus/60044", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(60044);\n script_version(\"1.13\");\n script_cvs_date(\"Date: 2019/12/04\");\n\n script_cve_id(\n \"CVE-2012-1948\",\n \"CVE-2012-1951\",\n \"CVE-2012-1952\",\n \"CVE-2012-1953\",\n \"CVE-2012-1954\",\n \"CVE-2012-1955\",\n \"CVE-2012-1957\",\n \"CVE-2012-1958\",\n \"CVE-2012-1959\",\n \"CVE-2012-1961\",\n \"CVE-2012-1962\",\n \"CVE-2012-1963\",\n \"CVE-2012-1964\",\n \"CVE-2012-1967\"\n );\n script_bugtraq_id(\n 54573,\n 54574,\n 54575,\n 54576,\n 54578,\n 54581,\n 54582,\n 54583,\n 54584,\n 54586\n );\n\n script_name(english:\"Mozilla Thunderbird 10.0.x < 10.0.6 Multiple Vulnerabilities\");\n script_summary(english:\"Checks version of Thunderbird\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host contains a mail client that is potentially\naffected by several vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The installed version of Thunderbird 10.0.x is potentially affected \nby the following security issues :\n\n - Several memory safety issues exist, some of which could\n potentially allow arbitrary code execution.\n (CVE-2012-1948)\n\n - Several memory safety issues exist related to the Gecko\n layout engine. (CVE-2012-1951, CVE-2012-1952,\n CVE-2012-1953, CVE-2012-1954)\n\n - An error related to JavaScript functions\n 'history.forward' and 'history.back' can allow\n incorrect URLs to be displayed. (CVE-2012-1955)\n\n - Cross-site scripting attacks are possible due to an\n error related to the '<embed>' tag within an RSS\n '<description>' element. (CVE-2012-1957)\n\n - A use-after-free error exists related to the method\n 'nsGlobalWindow::PageHidden'. (CVE-2012-1958)\n\n - An error exists that can allow 'same-compartment\n security wrappers' (SCSW) to be bypassed.\n (CVE-2012-1959)\n\n - The 'X-Frames-Options' header is ignored if it is\n duplicated. (CVE-2012-1961)\n\n - A memory corruption error exists related to the method\n 'JSDependentString::undepend'. (CVE-2012-1962)\n\n - An error related to the 'Content Security Policy' (CSP)\n implementation can allow the disclosure of OAuth 2.0\n access tokens and OpenID credentials. (CVE-2012-1963)\n\n - An error exists related to the certificate warning page\n that can allow 'clickjacking' thereby tricking a user\n into accepting unintended certificates. (CVE-2012-1964)\n\n - An error exists related to the 'javascript:' URL that\n can allow scripts to run at elevated privileges outside\n the sandbox. (CVE-2012-1967)\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2012-42/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2012-44/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2012-45/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2012-47/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2012-48/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2012-49/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2012-51/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2012-52/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2012-53/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2012-54/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2012-56/\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Thunderbird 10.0.6 ESR or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2012-1967\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(20, 74, 79, 442, 629, 711, 712, 722, 725, 750, 751, 800, 801, 809, 811, 864, 900, 928, 931, 990);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/07/17\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/07/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/07/19\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:mozilla:thunderbird\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"mozilla_org_installed.nasl\");\n script_require_keys(\"Mozilla/Thunderbird/Version\");\n\n exit(0);\n}\n\ninclude(\"mozilla_version.inc\");\nport = get_kb_item_or_exit(\"SMB/transport\");\n\ninstalls = get_kb_list(\"SMB/Mozilla/Thunderbird/*\");\nif (isnull(installs)) audit(AUDIT_NOT_INST, \"Thunderbird\");\n\nmozilla_check_version(installs:installs, product:'thunderbird', esr:TRUE, fix:'10.0.6', min:'10.0', severity:SECURITY_HOLE, xss:TRUE);", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "centos": [{"lastseen": "2019-12-20T18:24:34", "bulletinFamily": "unix", "cvelist": ["CVE-2012-1962", "CVE-2012-1950", "CVE-2012-1948", "CVE-2012-1953", "CVE-2012-1966", "CVE-2011-3389", "CVE-2012-1954", "CVE-2012-1967", "CVE-2012-1961", "CVE-2012-1951", "CVE-2012-1952", "CVE-2012-1955", "CVE-2012-1965", "CVE-2012-1959", "CVE-2012-1957", "CVE-2012-1958", "CVE-2012-1964", "CVE-2012-1963"], "description": "**CentOS Errata and Security Advisory** CESA-2012:1088\n\n\nMozilla Firefox is an open source web browser. XULRunner provides the XUL\nRuntime environment for Mozilla Firefox.\n\nA web page containing malicious content could cause Firefox to crash or,\npotentially, execute arbitrary code with the privileges of the user running\nFirefox. (CVE-2012-1948, CVE-2012-1951, CVE-2012-1952, CVE-2012-1953,\nCVE-2012-1954, CVE-2012-1958, CVE-2012-1962, CVE-2012-1967)\n\nA malicious web page could bypass same-compartment security wrappers (SCSW)\nand execute arbitrary code with chrome privileges. (CVE-2012-1959)\n\nA flaw in the context menu functionality in Firefox could allow a malicious\nwebsite to bypass intended restrictions and allow a cross-site scripting\nattack. (CVE-2012-1966)\n\nA page different to that in the address bar could be displayed when\ndragging and dropping to the address bar, possibly making it easier for a\nmalicious site or user to perform a phishing attack. (CVE-2012-1950)\n\nA flaw in the way Firefox called history.forward and history.back could\nallow an attacker to conceal a malicious URL, possibly tricking a user\ninto believing they are viewing a trusted site. (CVE-2012-1955)\n\nA flaw in a parser utility class used by Firefox to parse feeds (such as\nRSS) could allow an attacker to execute arbitrary JavaScript with the\nprivileges of the user running Firefox. This issue could have affected\nother browser components or add-ons that assume the class returns\nsanitized input. (CVE-2012-1957)\n\nA flaw in the way Firefox handled X-Frame-Options headers could allow a\nmalicious website to perform a clickjacking attack. (CVE-2012-1961)\n\nA flaw in the way Content Security Policy (CSP) reports were generated by\nFirefox could allow a malicious web page to steal a victim's OAuth 2.0\naccess tokens and OpenID credentials. (CVE-2012-1963)\n\nA flaw in the way Firefox handled certificate warnings could allow a\nman-in-the-middle attacker to create a crafted warning, possibly tricking\na user into accepting an arbitrary certificate as trusted. (CVE-2012-1964)\n\nA flaw in the way Firefox handled feed:javascript URLs could allow output\nfiltering to be bypassed, possibly leading to a cross-site scripting\nattack. (CVE-2012-1965)\n\nThe nss update RHBA-2012:0337 for Red Hat Enterprise Linux 5 and 6\nintroduced a mitigation for the CVE-2011-3389 flaw. For compatibility\nreasons, it remains disabled by default in the nss packages. This update\nmakes Firefox enable the mitigation by default. It can be disabled by\nsetting the NSS_SSL_CBC_RANDOM_IV environment variable to 0 before\nlaunching Firefox. (BZ#838879)\n\nFor technical details regarding these flaws, refer to the Mozilla security\nadvisories for Firefox 10.0.6 ESR. You can find a link to the Mozilla\nadvisories in the References section of this erratum.\n\nRed Hat would like to thank the Mozilla project for reporting these issues.\nUpstream acknowledges Benoit Jacob, Jesse Ruderman, Christian Holler, Bill\nMcCloskey, Abhishek Arya, Arthur Gerkis, Bill Keese, moz_bug_r_a4, Bobby\nHolley, Code Audit Labs, Mariusz Mlynski, Mario Heiderich, Frederic Buclin,\nKarthikeyan Bhargavan, Matt McCutchen, Mario Gomes, and Soroush Dalili as\nthe original reporters of these issues.\n\nAll Firefox users should upgrade to these updated packages, which contain\nFirefox version 10.0.6 ESR, which corrects these issues. After installing\nthe update, Firefox must be restarted for the changes to take effect.\n\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2012-July/030782.html\nhttp://lists.centos.org/pipermail/centos-announce/2012-July/030785.html\n\n**Affected packages:**\nfirefox\nxulrunner\nxulrunner-devel\n\n**Upstream details at:**\n\nhttps://rhn.redhat.com/errata/RHSA-2012-1088.html", "edition": 3, "modified": "2012-07-18T01:07:24", "published": "2012-07-17T20:41:16", "href": "http://lists.centos.org/pipermail/centos-announce/2012-July/030782.html", "id": "CESA-2012:1088", "title": "firefox, xulrunner security update", "type": "centos", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-12-20T18:27:14", "bulletinFamily": "unix", "cvelist": ["CVE-2012-1962", "CVE-2012-1948", "CVE-2012-1953", "CVE-2011-3389", "CVE-2012-1954", "CVE-2012-1967", "CVE-2012-1961", "CVE-2012-1951", "CVE-2012-1952", "CVE-2012-1955", "CVE-2012-1959", "CVE-2012-1957", "CVE-2012-1958", "CVE-2012-1964", "CVE-2012-1963"], "description": "**CentOS Errata and Security Advisory** CESA-2012:1089\n\n\nMozilla Thunderbird is a standalone mail and newsgroup client.\n\nSeveral flaws were found in the processing of malformed content. Malicious\ncontent could cause Thunderbird to crash or, potentially, execute arbitrary\ncode with the privileges of the user running Thunderbird. (CVE-2012-1948,\nCVE-2012-1951, CVE-2012-1952, CVE-2012-1953, CVE-2012-1954, CVE-2012-1958,\nCVE-2012-1962, CVE-2012-1967)\n\nMalicious content could bypass same-compartment security wrappers (SCSW)\nand execute arbitrary code with chrome privileges. (CVE-2012-1959)\n\nA flaw in the way Thunderbird called history.forward and history.back could\nallow an attacker to conceal a malicious URL, possibly tricking a user\ninto believing they are viewing trusted content. (CVE-2012-1955)\n\nA flaw in a parser utility class used by Thunderbird to parse feeds (such\nas RSS) could allow an attacker to execute arbitrary JavaScript with the\nprivileges of the user running Thunderbird. This issue could have affected\nother Thunderbird components or add-ons that assume the class returns\nsanitized input. (CVE-2012-1957)\n\nA flaw in the way Thunderbird handled X-Frame-Options headers could allow\nmalicious content to perform a clickjacking attack. (CVE-2012-1961)\n\nA flaw in the way Content Security Policy (CSP) reports were generated by\nThunderbird could allow malicious content to steal a victim's OAuth 2.0\naccess tokens and OpenID credentials. (CVE-2012-1963)\n\nA flaw in the way Thunderbird handled certificate warnings could allow a\nman-in-the-middle attacker to create a crafted warning, possibly tricking\na user into accepting an arbitrary certificate as trusted. (CVE-2012-1964)\n\nThe nss update RHBA-2012:0337 for Red Hat Enterprise Linux 5 and 6\nintroduced a mitigation for the CVE-2011-3389 flaw. For compatibility\nreasons, it remains disabled by default in the nss packages. This update\nmakes Thunderbird enable the mitigation by default. It can be disabled by\nsetting the NSS_SSL_CBC_RANDOM_IV environment variable to 0 before\nlaunching Thunderbird. (BZ#838879)\n\nRed Hat would like to thank the Mozilla project for reporting these issues.\nUpstream acknowledges Benoit Jacob, Jesse Ruderman, Christian Holler, Bill\nMcCloskey, Abhishek Arya, Arthur Gerkis, Bill Keese, moz_bug_r_a4, Bobby\nHolley, Mariusz Mlynski, Mario Heiderich, Frederic Buclin, Karthikeyan\nBhargavan, and Matt McCutchen as the original reporters of these issues.\n\nNote: None of the issues in this advisory can be exploited by a\nspecially-crafted HTML mail message as JavaScript is disabled by default\nfor mail messages. They could be exploited another way in Thunderbird, for\nexample, when viewing the full remote content of an RSS feed.\n\nAll Thunderbird users should upgrade to this updated package, which\ncontains Thunderbird version 10.0.6 ESR, which corrects these issues. After\ninstalling the update, Thunderbird must be restarted for the changes to\ntake effect.\n\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2012-July/030783.html\nhttp://lists.centos.org/pipermail/centos-announce/2012-July/030786.html\n\n**Affected packages:**\nthunderbird\n\n**Upstream details at:**\n", "edition": 3, "modified": "2012-07-18T01:08:26", "published": "2012-07-17T21:25:02", "href": "http://lists.centos.org/pipermail/centos-announce/2012-July/030783.html", "id": "CESA-2012:1089", "title": "thunderbird security update", "type": "centos", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "redhat": [{"lastseen": "2019-08-13T18:45:07", "bulletinFamily": "unix", "cvelist": ["CVE-2011-3389", "CVE-2012-1948", "CVE-2012-1950", "CVE-2012-1951", "CVE-2012-1952", "CVE-2012-1953", "CVE-2012-1954", "CVE-2012-1955", "CVE-2012-1957", "CVE-2012-1958", "CVE-2012-1959", "CVE-2012-1961", "CVE-2012-1962", "CVE-2012-1963", "CVE-2012-1964", "CVE-2012-1965", "CVE-2012-1966", "CVE-2012-1967"], "description": "Mozilla Firefox is an open source web browser. XULRunner provides the XUL\nRuntime environment for Mozilla Firefox.\n\nA web page containing malicious content could cause Firefox to crash or,\npotentially, execute arbitrary code with the privileges of the user running\nFirefox. (CVE-2012-1948, CVE-2012-1951, CVE-2012-1952, CVE-2012-1953,\nCVE-2012-1954, CVE-2012-1958, CVE-2012-1962, CVE-2012-1967)\n\nA malicious web page could bypass same-compartment security wrappers (SCSW)\nand execute arbitrary code with chrome privileges. (CVE-2012-1959)\n\nA flaw in the context menu functionality in Firefox could allow a malicious\nwebsite to bypass intended restrictions and allow a cross-site scripting\nattack. (CVE-2012-1966)\n\nA page different to that in the address bar could be displayed when\ndragging and dropping to the address bar, possibly making it easier for a\nmalicious site or user to perform a phishing attack. (CVE-2012-1950)\n\nA flaw in the way Firefox called history.forward and history.back could\nallow an attacker to conceal a malicious URL, possibly tricking a user\ninto believing they are viewing a trusted site. (CVE-2012-1955)\n\nA flaw in a parser utility class used by Firefox to parse feeds (such as\nRSS) could allow an attacker to execute arbitrary JavaScript with the\nprivileges of the user running Firefox. This issue could have affected\nother browser components or add-ons that assume the class returns\nsanitized input. (CVE-2012-1957)\n\nA flaw in the way Firefox handled X-Frame-Options headers could allow a\nmalicious website to perform a clickjacking attack. (CVE-2012-1961)\n\nA flaw in the way Content Security Policy (CSP) reports were generated by\nFirefox could allow a malicious web page to steal a victim's OAuth 2.0\naccess tokens and OpenID credentials. (CVE-2012-1963)\n\nA flaw in the way Firefox handled certificate warnings could allow a\nman-in-the-middle attacker to create a crafted warning, possibly tricking\na user into accepting an arbitrary certificate as trusted. (CVE-2012-1964)\n\nA flaw in the way Firefox handled feed:javascript URLs could allow output\nfiltering to be bypassed, possibly leading to a cross-site scripting\nattack. (CVE-2012-1965)\n\nThe nss update RHBA-2012:0337 for Red Hat Enterprise Linux 5 and 6\nintroduced a mitigation for the CVE-2011-3389 flaw. For compatibility\nreasons, it remains disabled by default in the nss packages. This update\nmakes Firefox enable the mitigation by default. It can be disabled by\nsetting the NSS_SSL_CBC_RANDOM_IV environment variable to 0 before\nlaunching Firefox. (BZ#838879)\n\nFor technical details regarding these flaws, refer to the Mozilla security\nadvisories for Firefox 10.0.6 ESR. You can find a link to the Mozilla\nadvisories in the References section of this erratum.\n\nRed Hat would like to thank the Mozilla project for reporting these issues.\nUpstream acknowledges Benoit Jacob, Jesse Ruderman, Christian Holler, Bill\nMcCloskey, Abhishek Arya, Arthur Gerkis, Bill Keese, moz_bug_r_a4, Bobby\nHolley, Code Audit Labs, Mariusz Mlynski, Mario Heiderich, Frederic Buclin,\nKarthikeyan Bhargavan, Matt McCutchen, Mario Gomes, and Soroush Dalili as\nthe original reporters of these issues.\n\nAll Firefox users should upgrade to these updated packages, which contain\nFirefox version 10.0.6 ESR, which corrects these issues. After installing\nthe update, Firefox must be restarted for the changes to take effect.\n", "modified": "2018-06-06T20:24:34", "published": "2012-07-17T04:00:00", "id": "RHSA-2012:1088", "href": "https://access.redhat.com/errata/RHSA-2012:1088", "type": "redhat", "title": "(RHSA-2012:1088) Critical: firefox security update", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-08-13T18:45:51", "bulletinFamily": "unix", "cvelist": ["CVE-2011-3389", "CVE-2012-1948", "CVE-2012-1951", "CVE-2012-1952", "CVE-2012-1953", "CVE-2012-1954", "CVE-2012-1955", "CVE-2012-1957", "CVE-2012-1958", "CVE-2012-1959", "CVE-2012-1961", "CVE-2012-1962", "CVE-2012-1963", "CVE-2012-1964", "CVE-2012-1967"], "description": "Mozilla Thunderbird is a standalone mail and newsgroup client.\n\nSeveral flaws were found in the processing of malformed content. Malicious\ncontent could cause Thunderbird to crash or, potentially, execute arbitrary\ncode with the privileges of the user running Thunderbird. (CVE-2012-1948,\nCVE-2012-1951, CVE-2012-1952, CVE-2012-1953, CVE-2012-1954, CVE-2012-1958,\nCVE-2012-1962, CVE-2012-1967)\n\nMalicious content could bypass same-compartment security wrappers (SCSW)\nand execute arbitrary code with chrome privileges. (CVE-2012-1959)\n\nA flaw in the way Thunderbird called history.forward and history.back could\nallow an attacker to conceal a malicious URL, possibly tricking a user\ninto believing they are viewing trusted content. (CVE-2012-1955)\n\nA flaw in a parser utility class used by Thunderbird to parse feeds (such\nas RSS) could allow an attacker to execute arbitrary JavaScript with the\nprivileges of the user running Thunderbird. This issue could have affected\nother Thunderbird components or add-ons that assume the class returns\nsanitized input. (CVE-2012-1957)\n\nA flaw in the way Thunderbird handled X-Frame-Options headers could allow\nmalicious content to perform a clickjacking attack. (CVE-2012-1961)\n\nA flaw in the way Content Security Policy (CSP) reports were generated by\nThunderbird could allow malicious content to steal a victim's OAuth 2.0\naccess tokens and OpenID credentials. (CVE-2012-1963)\n\nA flaw in the way Thunderbird handled certificate warnings could allow a\nman-in-the-middle attacker to create a crafted warning, possibly tricking\na user into accepting an arbitrary certificate as trusted. (CVE-2012-1964)\n\nThe nss update RHBA-2012:0337 for Red Hat Enterprise Linux 5 and 6\nintroduced a mitigation for the CVE-2011-3389 flaw. For compatibility\nreasons, it remains disabled by default in the nss packages. This update\nmakes Thunderbird enable the mitigation by default. It can be disabled by\nsetting the NSS_SSL_CBC_RANDOM_IV environment variable to 0 before\nlaunching Thunderbird. (BZ#838879)\n\nRed Hat would like to thank the Mozilla project for reporting these issues.\nUpstream acknowledges Benoit Jacob, Jesse Ruderman, Christian Holler, Bill\nMcCloskey, Abhishek Arya, Arthur Gerkis, Bill Keese, moz_bug_r_a4, Bobby\nHolley, Mariusz Mlynski, Mario Heiderich, Frederic Buclin, Karthikeyan\nBhargavan, and Matt McCutchen as the original reporters of these issues.\n\nNote: None of the issues in this advisory can be exploited by a\nspecially-crafted HTML mail message as JavaScript is disabled by default\nfor mail messages. They could be exploited another way in Thunderbird, for\nexample, when viewing the full remote content of an RSS feed.\n\nAll Thunderbird users should upgrade to this updated package, which\ncontains Thunderbird version 10.0.6 ESR, which corrects these issues. After\ninstalling the update, Thunderbird must be restarted for the changes to\ntake effect.\n", "modified": "2018-06-06T20:24:13", "published": "2012-07-17T04:00:00", "id": "RHSA-2012:1089", "href": "https://access.redhat.com/errata/RHSA-2012:1089", "type": "redhat", "title": "(RHSA-2012:1089) Critical: thunderbird security update", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "ubuntu": [{"lastseen": "2020-07-02T11:35:00", "bulletinFamily": "unix", "cvelist": ["CVE-2012-1962", "CVE-2012-1950", "CVE-2012-1948", "CVE-2012-1953", "CVE-2012-1949", "CVE-2012-1966", "CVE-2012-1954", "CVE-2012-1967", "CVE-2012-1961", "CVE-2012-1951", "CVE-2012-1952", "CVE-2012-1955", "CVE-2012-1960", "CVE-2012-1965", "CVE-2012-1959", "CVE-2012-1957", "CVE-2012-1958", "CVE-2012-1964", "CVE-2012-1963"], "description": "Benoit Jacob, Jesse Ruderman, Christian Holler, Bill McCloskey, Brian Smith, \nGary Kwong, Christoph Diehl, Chris Jones, Brad Lassey, and Kyle Huey discovered \nmemory safety issues affecting Firefox. If the user were tricked into opening a \nspecially crafted page, an attacker could possibly exploit these to cause a \ndenial of service via application crash, or potentially execute code with the \nprivileges of the user invoking Firefox. (CVE-2012-1948, CVE-2012-1949)\n\nMario Gomes discovered that the address bar may be incorrectly updated. \nDrag-and-drop events in the address bar may cause the address of the previous \nsite to be displayed while a new page is loaded. An attacker could exploit this \nto conduct phishing attacks. (CVE-2012-1950)\n\nAbhishek Arya discovered four memory safety issues affecting Firefox. If the \nuser were tricked into opening a specially crafted page, an attacker could \npossibly exploit these to cause a denial of service via application crash, or \npotentially execute code with the privileges of the user invoking Firefox. \n(CVE-2012-1951, CVE-2012-1952, CVE-2012-1953, CVE-2012-1954)\n\nMariusz Mlynski discovered that the address bar may be incorrectly updated. \nCalls to history.forward and history.back could be used to navigate to a site \nwhile the address bar still displayed the previous site. A remote attacker \ncould exploit this to conduct phishing attacks. (CVE-2012-1955)\n\nMario Heiderich discovered that HTML tags were not filtered out of the \nHTML of RSS feeds. A remote attacker could exploit this to \nconduct cross-site scripting (XSS) attacks via javascript execution in the HTML \nfeed view. (CVE-2012-1957)\n\nArthur Gerkis discovered a use-after-free vulnerability. If the user were \ntricked into opening a specially crafted page, an attacker could possibly \nexploit this to cause a denial of service via application crash, or potentially \nexecute code with the privileges of the user invoking Firefox. (CVE-2012-1958)\n\nBobby Holley discovered that same-compartment security wrappers (SCSW) could be \nbypassed to allow XBL access. If the user were tricked into opening a specially \ncrafted page, an attacker could possibly exploit this to execute code with the \nprivileges of the user invoking Firefox. (CVE-2012-1959)\n\nTony Payne discovered an out-of-bounds memory read in Mozilla's color \nmanagement library (QCMS). If the user were tricked into opening a specially \ncrafted color profile, an attacker could possibly exploit this to cause a \ndenial of service via application crash. (CVE-2012-1960)\n\nFr\u00e9d\u00e9ric Buclin discovered that the X-Frame-Options header was ignored when its \nvalue was specified multiple times. An attacker could exploit this to conduct \nclickjacking attacks. (CVE-2012-1961)\n\nBill Keese discovered a memory corruption vulnerability. If the user were \ntricked into opening a specially crafted page, an attacker could possibly \nexploit this to cause a denial of service via application crash, or potentially \nexecute code with the privileges of the user invoking Firefox. (CVE-2012-1962)\n\nKarthikeyan Bhargavan discovered an information leakage vulnerability in the \nContent Security Policy (CSP) 1.0 implementation. If the user were tricked into \nopening a specially crafted page, an attacker could possibly exploit this to \naccess a user's OAuth 2.0 access tokens and OpenID credentials. (CVE-2012-1963)\n\nMatt McCutchen discovered a clickjacking vulnerability in the certificate \nwarning page. A remote attacker could trick a user into accepting a malicious \ncertificate via a crafted certificate warning page. (CVE-2012-1964)\n\nMario Gomes and Soroush Dalili discovered that javascript was not filtered out \nof feed URLs. If the user were tricked into opening a specially crafted URL, an \nattacker could possibly exploit this to conduct cross-site scripting (XSS) \nattacks. (CVE-2012-1965)\n\nA vulnerability was discovered in the context menu of data: URLs. If the user \nwere tricked into opening a specially crafted URL, an attacker could possibly \nexploit this to conduct cross-site scripting (XSS) attacks. (CVE-2012-1966)\n\nIt was discovered that the execution of javascript: URLs was not properly \nhandled in some cases. A remote attacker could exploit this to execute code \nwith the privileges of the user invoking Firefox. (CVE-2012-1967)", "edition": 5, "modified": "2012-07-17T00:00:00", "published": "2012-07-17T00:00:00", "id": "USN-1509-1", "href": "https://ubuntu.com/security/notices/USN-1509-1", "title": "Firefox vulnerabilities", "type": "ubuntu", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-07-18T01:44:43", "bulletinFamily": "unix", "cvelist": ["CVE-2012-1962", "CVE-2012-1950", "CVE-2012-1948", "CVE-2012-1953", "CVE-2012-1949", "CVE-2012-1966", "CVE-2012-1954", "CVE-2012-1967", "CVE-2012-1961", "CVE-2012-1951", "CVE-2012-1952", "CVE-2012-1955", "CVE-2012-1960", "CVE-2012-1965", "CVE-2012-1959", "CVE-2012-1957", "CVE-2012-1958", "CVE-2012-1964", "CVE-2012-1963"], "description": "USN-1509-1 fixed vulnerabilities in Firefox. This update provides an updated \nubufox package for use with the lastest Firefox.\n\nOriginal advisory details:\n\nBenoit Jacob, Jesse Ruderman, Christian Holler, Bill McCloskey, Brian Smith, \nGary Kwong, Christoph Diehl, Chris Jones, Brad Lassey, and Kyle Huey discovered \nmemory safety issues affecting Firefox. If the user were tricked into opening a \nspecially crafted page, an attacker could possibly exploit these to cause a \ndenial of service via application crash, or potentially execute code with the \nprivileges of the user invoking Firefox. (CVE-2012-1948, CVE-2012-1949)\n\nMario Gomes discovered that the address bar may be incorrectly updated. \nDrag-and-drop events in the address bar may cause the address of the previous \nsite to be displayed while a new page is loaded. An attacker could exploit this \nto conduct phishing attacks. (CVE-2012-1950)\n\nAbhishek Arya discovered four memory safety issues affecting Firefox. If the \nuser were tricked into opening a specially crafted page, an attacker could \npossibly exploit these to cause a denial of service via application crash, or \npotentially execute code with the privileges of the user invoking Firefox. \n(CVE-2012-1951, CVE-2012-1952, CVE-2012-1953, CVE-2012-1954)\n\nMariusz Mlynski discovered that the address bar may be incorrectly updated. \nCalls to history.forward and history.back could be used to navigate to a site \nwhile the address bar still displayed the previous site. A remote attacker \ncould exploit this to conduct phishing attacks. (CVE-2012-1955)\n\nMario Heiderich discovered that HTML tags were not filtered out of the \nHTML of RSS feeds. A remote attacker could exploit this to \nconduct cross-site scripting (XSS) attacks via javascript execution in the HTML \nfeed view. (CVE-2012-1957)\n\nArthur Gerkis discovered a use-after-free vulnerability. If the user were \ntricked into opening a specially crafted page, an attacker could possibly \nexploit this to cause a denial of service via application crash, or potentially \nexecute code with the privileges of the user invoking Firefox. (CVE-2012-1958)\n\nBobby Holley discovered that same-compartment security wrappers (SCSW) could be \nbypassed to allow XBL access. If the user were tricked into opening a specially \ncrafted page, an attacker could possibly exploit this to execute code with the \nprivileges of the user invoking Firefox. (CVE-2012-1959)\n\nTony Payne discovered an out-of-bounds memory read in Mozilla's color \nmanagement library (QCMS). If the user were tricked into opening a specially \ncrafted color profile, an attacker could possibly exploit this to cause a \ndenial of service via application crash. (CVE-2012-1960)\n\nFr\u00e9d\u00e9ric Buclin discovered that the X-Frame-Options header was ignored when its \nvalue was specified multiple times. An attacker could exploit this to conduct \nclickjacking attacks. (CVE-2012-1961)\n\nBill Keese discovered a memory corruption vulnerability. If the user were \ntricked into opening a specially crafted page, an attacker could possibly \nexploit this to cause a denial of service via application crash, or potentially \nexecute code with the privileges of the user invoking Firefox. (CVE-2012-1962)\n\nKarthikeyan Bhargavan discovered an information leakage vulnerability in the \nContent Security Policy (CSP) 1.0 implementation. If the user were tricked into \nopening a specially crafted page, an attacker could possibly exploit this to \naccess a user's OAuth 2.0 access tokens and OpenID credentials. (CVE-2012-1963)\n\nMatt McCutchen discovered a clickjacking vulnerability in the certificate \nwarning page. A remote attacker could trick a user into accepting a malicious \ncertificate via a crafted certificate warning page. (CVE-2012-1964)\n\nMario Gomes and Soroush Dalili discovered that javascript was not filtered out \nof feed URLs. If the user were tricked into opening a specially crafted URL, an \nattacker could possibly exploit this to conduct cross-site scripting (XSS) \nattacks. (CVE-2012-1965)\n\nA vulnerability was discovered in the context menu of data: URLs. If the user \nwere tricked into opening a specially crafted URL, an attacker could possibly \nexploit this to conduct cross-site scripting (XSS) attacks. (CVE-2012-1966)\n\nIt was discovered that the execution of javascript: URLs was not properly \nhandled in some cases. A remote attacker could exploit this to execute code \nwith the privileges of the user invoking Firefox. (CVE-2012-1967)", "edition": 6, "modified": "2012-07-18T00:00:00", "published": "2012-07-18T00:00:00", "id": "USN-1509-2", "href": "https://ubuntu.com/security/notices/USN-1509-2", "title": "ubufox update", "type": "ubuntu", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-07-02T11:43:04", "bulletinFamily": "unix", "cvelist": ["CVE-2012-1962", "CVE-2012-1948", "CVE-2012-1953", "CVE-2012-1949", "CVE-2012-1954", "CVE-2012-1967", "CVE-2012-1961", "CVE-2012-1951", "CVE-2012-1952", "CVE-2012-1955", "CVE-2012-1960", "CVE-2012-1959", "CVE-2012-1957", "CVE-2012-1958", "CVE-2012-1963"], "description": "Benoit Jacob, Jesse Ruderman, Christian Holler, Bill McCloskey, Brian Smith, \nGary Kwong, Christoph Diehl, Chris Jones, Brad Lassey, and Kyle Huey discovered \nmemory safety issues affecting Thunderbird. If the user were tricked into \nopening a specially crafted page, an attacker could possibly exploit these to \ncause a denial of service via application crash, or potentially execute code \nwith the privileges of the user invoking Thunderbird. (CVE-2012-1948, \nCVE-2012-1949)\n\nAbhishek Arya discovered four memory safety issues affecting Thunderbird. If \nthe user were tricked into opening a specially crafted page, an attacker could \npossibly exploit these to cause a denial of service via application crash, or \npotentially execute code with the privileges of the user invoking Thunderbird. \n(CVE-2012-1951, CVE-2012-1952, CVE-2012-1953, CVE-2012-1954)\n\nMariusz Mlynski discovered that the address bar may be incorrectly updated. \nCalls to history.forward and history.back could be used to navigate to a site \nwhile the address bar still displayed the previous site. A remote attacker \ncould exploit this to conduct phishing attacks. (CVE-2012-1955)\n\nMario Heiderich discovered that HTML tags were not filtered out of the \nHTML of RSS feeds. A remote attacker could exploit this to \nconduct cross-site scripting (XSS) attacks via javascript execution in the HTML \nfeed view. (CVE-2012-1957)\n\nArthur Gerkis discovered a use-after-free vulnerability. If the user were \ntricked into opening a specially crafted page, an attacker could possibly \nexploit this to cause a denial of service via application crash, or potentially \nexecute code with the privileges of the user invoking Thunderbird. \n(CVE-2012-1958)\n\nBobby Holley discovered that same-compartment security wrappers (SCSW) could be \nbypassed to allow XBL access. If the user were tricked into opening a specially \ncrafted page, an attacker could possibly exploit this to execute code with the \nprivileges of the user invoking Thunderbird. (CVE-2012-1959)\n\nTony Payne discovered an out-of-bounds memory read in Mozilla's color \nmanagement library (QCMS). If the user were tricked into opening a specially \ncrafted color profile, an attacker could possibly exploit this to cause a \ndenial of service via application crash. (CVE-2012-1960)\n\nFr\u00e9d\u00e9ric Buclin discovered that the X-Frame-Options header was ignored when its \nvalue was specified multiple times. An attacker could exploit this to conduct \nclickjacking attacks. (CVE-2012-1961)\n\nBill Keese discovered a memory corruption vulnerability. If the user were \ntricked into opening a specially crafted page, an attacker could possibly \nexploit this to cause a denial of service via application crash, or potentially \nexecute code with the privileges of the user invoking Thunderbird. \n(CVE-2012-1962)\n\nKarthikeyan Bhargavan discovered an information leakage vulnerability in the \nContent Security Policy (CSP) 1.0 implementation. If the user were tricked into \nopening a specially crafted page, an attacker could possibly exploit this to \naccess a user's OAuth 2.0 access tokens and OpenID credentials. (CVE-2012-1963)\n\nIt was discovered that the execution of javascript: URLs was not properly \nhandled in some cases. A remote attacker could exploit this to execute code \nwith the privileges of the user invoking Thunderbird. (CVE-2012-1967)", "edition": 5, "modified": "2012-07-17T00:00:00", "published": "2012-07-17T00:00:00", "id": "USN-1510-1", "href": "https://ubuntu.com/security/notices/USN-1510-1", "title": "Thunderbird vulnerabilities", "type": "ubuntu", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "suse": [{"lastseen": "2016-09-04T12:09:51", "bulletinFamily": "unix", "cvelist": ["CVE-2012-1962", "CVE-2012-1950", "CVE-2012-1948", "CVE-2012-1953", "CVE-2012-1949", "CVE-2012-1966", "CVE-2012-1954", "CVE-2012-1967", "CVE-2012-1961", "CVE-2012-1951", "CVE-2012-1952", "CVE-2012-1955", "CVE-2012-1960", "CVE-2012-1965", "CVE-2012-1959", "CVE-2012-1957", "CVE-2012-1958", "CVE-2012-1964", "CVE-2012-1963"], "description": "MozillaFirefox have been updated to the 10.0.6ESR security\n release fixing various bugs and several security issues,\n some critical.\n\n The ollowing security issues have been fixed:\n\n *\n\n MFSA 2012-42: Mozilla developers identified and fixed\n several memory safety bugs in the browser engine used in\n Firefox and other Mozilla-based products. Some of these\n bugs showed evidence of memory corruption under certain\n circumstances, and we presume that with enough effort at\n least some of these could be exploited to run arbitrary\n code.\n\n *\n\n CVE-2012-1948: Benoit Jacob, Jesse Ruderman,\n Christian Holler, and Bill McCloskey reported memory safety\n problems and crashes that affect Firefox ESR 10 and Firefox\n 13.\n\n *\n\n MFSA 2012-43 / CVE-2012-1950: Security researcher\n Mario Gomes andresearch firm Code Audit Labs reported a\n mechanism to short-circuit page loads through drag and drop\n to the addressbar by canceling the page load. This causes\n the address of the previously site entered to be displayed\n in the addressbar instead of the currently loaded page.\n This could lead to potential phishing attacks on users.\n\n *\n\n MFSA 2012-44 Google security researcher Abhishek Arya\n used the Address Sanitizer tool to uncover four issues: two\n use-after-free problems, one out of bounds read bug, and a\n bad cast. The first use-afte.r-free problem is caused when\n an array of nsSMILTimeValueSpec objects is destroyed but\n attempts are made to call into objects in this array later.\n The second use-after-free problem is in\n nsDocument::AdoptNode when it adopts into an empty document\n and then adopts into another document, emptying the first\n one. The heap buffer overflow is in ElementAnimations when\n data is read off of end of an array and then pointers are\n dereferenced. The bad cast happens when\n nsTableFrame::InsertFrames is called with frames in\n aFrameList that are a mix of row group frames and column\n group frames. AppendFrames is not able to handle this mix.\n\n All four of these issues are potentially exploitable.\n\n o CVE-2012-1951: Heap-use-after-free in\n nsSMILTimeValueSpec::IsEventBased o CVE-2012-1954:\n Heap-use-after-free in nsDocument::AdoptNode o\n CVE-2012-1953: Out of bounds read in\n ElementAnimations::EnsureStyleRuleFor o CVE-2012-1952: Bad\n cast in nsTableFrame::InsertFrames\n *\n\n MFSA 2012-45 / CVE-2012-1955: Security researcher\n Mariusz Mlynski reported an issue with spoofing of the\n location property. In this issue, calls to history.forward\n and history.back are used to navigate to a site while\n displaying the previous site in the addressbar but changing\n the baseURI to the newer site. This can be used for\n phishing by allowing the user input form or other data on\n the newer, attacking, site while appearing to be on the\n older, displayed site.\n\n *\n\n MFSA 2012-46 / CVE-2012-1966: Mozilla security\n researcher moz_bug_r_a4 reported a cross-site scripting\n (XSS) attack through the context menu using a data: URL. In\n this issue, context menu functionality (&quot;View Image&quot;, &quot;Show\n only this frame&quot;, and &quot;View background image&quot;) are\n disallowed in a javascript: URL but allowed in a data: URL,\n allowing for XSS. This can lead to arbitrary code execution.\n\n *\n\n MFSA 2012-47 / CVE-2012-1957: Security researcher\n Mario Heiderich reported that javascript could be executed\n in the HTML feed-view using tag within the RSS . This\n problem is due to tags not being filtered out during\n parsing and can lead to a potential cross-site scripting\n (XSS) attack. The flaw existed in a parser utility class\n and could affect other parts of the browser or add-ons\n which rely on that class to sanitize untrusted input.\n\n *\n\n MFSA 2012-48 / CVE-2012-1958: Security researcher\n Arthur Gerkis used the Address Sanitizer tool to find a\n use-after-free in nsGlobalWindow::PageHidden when\n mFocusedContent is released and oldFocusedContent is used\n afterwards. This use-after-free could possibly allow for\n remote code execution.\n\n *\n\n MFSA 2012-49 / CVE-2012-1959: Mozilla developer Bobby\n Holley found that same-compartment security wrappers (SCSW)\n can be bypassed by passing them to another compartment.\n Cross-compartment wrappers often do not go through SCSW,\n but have a filtering policy built into them. When an object\n is wrapped cross-compartment, the SCSW is stripped off and,\n when the object is read read back, it is not known that\n SCSW was previously present, resulting in a bypassing of\n SCSW. This could result in untrusted content having access\n to the XBL that implements browser functionality.\n\n *\n\n MFSA 2012-50 / CVE-2012-1960: Google developer Tony\n Payne reported an out of bounds (OOB) read in QCMS,\n Mozilla's color management library. With a carefully\n crafted color profile portions of a user's memory could be\n incorporated into a transformed image and possibly\n deciphered.\n\n *\n\n MFSA 2012-51 / CVE-2012-1961: Bugzilla developer\n Frederic Buclin reported that the &quot;X-Frame-Options header\n is ignored when the value is duplicated, for example\n X-Frame-Options: SAMEORIGIN, SAMEORIGIN. This duplication\n occurs for unknown reasons on some websites and when it\n occurs results in Mozilla browsers not being protected\n against possible clickjacking attacks on those pages.\n\n *\n\n MFSA 2012-52 / CVE-2012-1962: Security researcher\n Bill Keese reported a memory corruption. This is caused by\n JSDependentString::undepend changing a dependent string\n into a fixed string when there are additional dependent\n strings relying on the same base. When the undepend occurs\n during conversion, the base data is freed, leaving other\n dependent strings with dangling pointers. This can lead to\n a potentially exploitable crash.\n\n *\n\n MFSA 2012-53 / CVE-2012-1963: Security researcher\n Karthikeyan Bhargavan of Prosecco at INRIA reported Content\n Security Policy (CSP) 1.0 implementation errors. CSP\n violation reports generated by Firefox and sent to the\n &quot;report-uri&quot; location include sensitive data within the\n &quot;blocked-uri&quot; parameter. These include fragment components\n and query strings even if the &quot;blocked-uri&quot; parameter has a\n different origin than the protected resource. This can be\n used to retrieve a user's OAuth 2.0 access tokens and\n OpenID credentials by malicious sites.\n\n *\n\n MFSA 2012-54 / CVE-2012-1964: Security Researcher\n Matt McCutchen reported that a clickjacking attack using\n the certificate warning page. A man-in-the-middle (MITM)\n attacker can use an iframe to display its own certificate\n error warning page (about:certerror) with the &quot;Add\n Exception&quot; button of a real warning page from a malicious\n site. This can mislead users to adding a certificate\n exception for a different site than the perceived one. This\n can lead to compromised communications with the user\n perceived site through the MITM attack once the certificate\n exception has been added.\n\n *\n\n MFSA 2012-55 / CVE-2012-1965: Security researchers\n Mario Gomes and Soroush Dalili reported that since Mozilla\n allows the pseudo-protocol feed: to prefix any valid URL,\n it is possible to construct feed:javascript: URLs that will\n execute scripts in some contexts. On some sites it may be\n possible to use this to evade output filtering that would\n otherwise strip javascript: URLs and thus contribute to\n cross-site scripting (XSS) problems on these sites.\n\n *\n\n MFSA 2012-56 / CVE-2012-1967: Mozilla security\n researcher moz_bug_r_a4 reported a arbitrary code execution\n attack using a javascript: URL. The Gecko engine features a\n JavaScript sandbox utility that allows the browser or\n add-ons to safely execute script in the context of a web\n page. In certain cases, javascript: URLs are executed in\n such a sandbox with insufficient context that can allow\n those scripts to escape from the sandbox and run with\n elevated privilege. This can lead to arbitrary code\n execution.\n", "edition": 1, "modified": "2012-07-21T01:08:17", "published": "2012-07-21T01:08:17", "id": "SUSE-SU-2012:0895-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00011.html", "type": "suse", "title": "Security update for Mozilla Firefox (important)", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2016-09-04T12:36:41", "bulletinFamily": "unix", "cvelist": ["CVE-2012-1962", "CVE-2012-1950", "CVE-2012-1948", "CVE-2012-1953", "CVE-2012-1949", "CVE-2012-1966", "CVE-2012-1954", "CVE-2012-1967", "CVE-2012-1961", "CVE-2012-1951", "CVE-2012-1952", "CVE-2012-1955", "CVE-2012-1960", "CVE-2012-1965", "CVE-2012-1959", "CVE-2012-1957", "CVE-2012-1958", "CVE-2012-1964", "CVE-2012-1963"], "description": "MozillaFirefox has been updated to the 10.0.6ESR security\n release fixing various bugs and several security issues,\n some critical.\n\n The following security issues have been fixed:\n\n *\n\n MFSA 2012-42: Mozilla developers identified and fixed\n several memory safety bugs in the browser engine used in\n Firefox and other Mozilla-based products. Some of these\n bugs showed evidence of memory corruption under certain\n circumstances, and we presume that with enough effort at\n least some of these could be exploited to run arbitrary\n code.\n\n *\n\n CVE-2012-1948: Benoit Jacob, Jesse Ruderman,\n Christian Holler, and Bill McCloskey reported memory safety\n problems and crashes that affect Firefox ESR 10 and Firefox\n 13.\n\n *\n\n MFSA 2012-43 / CVE-2012-1950: Security researcher\n Mario Gomes andresearch firm Code Audit Labs reported a\n mechanism to short-circuit page loads through drag and drop\n to the addressbar by canceling the page load. This causes\n the address of the previously site entered to be displayed\n in the addressbar instead of the currently loaded page.\n This could lead to potential phishing attacks on users.\n\n *\n\n MFSA 2012-44 Google security researcher Abhishek Arya\n used the Address Sanitizer tool to uncover four issues: two\n use-after-free problems, one out of bounds read bug, and a\n bad cast. The first use-afte.r-free problem is caused when\n an array of nsSMILTimeValueSpec objects is destroyed but\n attempts are made to call into objects in this array later.\n The second use-after-free problem is in\n nsDocument::AdoptNode when it adopts into an empty document\n and then adopts into another document, emptying the first\n one. The heap buffer overflow is in ElementAnimations when\n data is read off of end of an array and then pointers are\n dereferenced. The bad cast happens when\n nsTableFrame::InsertFrames is called with frames in\n aFrameList that are a mix of row group frames and column\n group frames. AppendFrames is not able to handle this mix.\n\n All four of these issues are potentially exploitable.\n\n o CVE-2012-1951: Heap-use-after-free in\n nsSMILTimeValueSpec::IsEventBased o CVE-2012-1954:\n Heap-use-after-free in nsDocument::AdoptNode o\n CVE-2012-1953: Out of bounds read in\n ElementAnimations::EnsureStyleRuleFor o CVE-2012-1952: Bad\n cast in nsTableFrame::InsertFrames\n *\n\n MFSA 2012-45 / CVE-2012-1955: Security researcher\n Mariusz Mlynski reported an issue with spoofing of the\n location property. In this issue, calls to history.forward\n and history.back are used to navigate to a site while\n displaying the previous site in the addressbar but changing\n the baseURI to the newer site. This can be used for\n phishing by allowing the user input form or other data on\n the newer, attacking, site while appearing to be on the\n older, displayed site.\n\n *\n\n MFSA 2012-46 / CVE-2012-1966: Mozilla security\n researcher moz_bug_r_a4 reported a cross-site scripting\n (XSS) attack through the context menu using a data: URL. In\n this issue, context menu functionality (&quot;View Image&quot;, &quot;Show\n only this frame&quot;, and &quot;View background image&quot;) are\n disallowed in a javascript: URL but allowed in a data: URL,\n allowing for XSS. This can lead to arbitrary code execution.\n\n *\n\n MFSA 2012-47 / CVE-2012-1957: Security researcher\n Mario Heiderich reported that javascript could be executed\n in the HTML feed-view using tag within the RSS . This\n problem is due to tags not being filtered out during\n parsing and can lead to a potential cross-site scripting\n (XSS) attack. The flaw existed in a parser utility class\n and could affect other parts of the browser or add-ons\n which rely on that class to sanitize untrusted input.\n\n *\n\n MFSA 2012-48 / CVE-2012-1958: Security researcher\n Arthur Gerkis used the Address Sanitizer tool to find a\n use-after-free in nsGlobalWindow::PageHidden when\n mFocusedContent is released and oldFocusedContent is used\n afterwards. This use-after-free could possibly allow for\n remote code execution.\n\n *\n\n MFSA 2012-49 / CVE-2012-1959: Mozilla developer Bobby\n Holley found that same-compartment security wrappers (SCSW)\n can be bypassed by passing them to another compartment.\n Cross-compartment wrappers often do not go through SCSW,\n but have a filtering policy built into them. When an object\n is wrapped cross-compartment, the SCSW is stripped off and,\n when the object is read read back, it is not known that\n SCSW was previously present, resulting in a bypassing of\n SCSW. This could result in untrusted content having access\n to the XBL that implements browser functionality.\n\n *\n\n MFSA 2012-50 / CVE-2012-1960: Google developer Tony\n Payne reported an out of bounds (OOB) read in QCMS,\n Mozilla's color management library. With a carefully\n crafted color profile portions of a user's memory could be\n incorporated into a transformed image and possibly\n deciphered.\n\n *\n\n MFSA 2012-51 / CVE-2012-1961: Bugzilla developer\n Frederic Buclin reported that the &quot;X-Frame-Options header\n is ignored when the value is duplicated, for example\n X-Frame-Options: SAMEORIGIN, SAMEORIGIN. This duplication\n occurs for unknown reasons on some websites and when it\n occurs results in Mozilla browsers not being protected\n against possible clickjacking attacks on those pages.\n\n *\n\n MFSA 2012-52 / CVE-2012-1962: Security researcher\n Bill Keese reported a memory corruption. This is caused by\n JSDependentString::undepend changing a dependent string\n into a fixed string when there are additional dependent\n strings relying on the same base. When the undepend occurs\n during conversion, the base data is freed, leaving other\n dependent strings with dangling pointers. This can lead to\n a potentially exploitable crash.\n\n *\n\n MFSA 2012-53 / CVE-2012-1963: Security researcher\n Karthikeyan Bhargavan of Prosecco at INRIA reported Content\n Security Policy (CSP) 1.0 implementation errors. CSP\n violation reports generated by Firefox and sent to the\n &quot;report-uri&quot; location include sensitive data within the\n &quot;blocked-uri&quot; parameter. These include fragment components\n and query strings even if the &quot;blocked-uri&quot; parameter has a\n different origin than the protected resource. This can be\n used to retrieve a user's OAuth 2.0 access tokens and\n OpenID credentials by malicious sites.\n\n *\n\n MFSA 2012-54 / CVE-2012-1964: Security Researcher\n Matt McCutchen reported that a clickjacking attack using\n the certificate warning page. A man-in-the-middle (MITM)\n attacker can use an iframe to display its own certificate\n error warning page (about:certerror) with the &quot;Add\n Exception&quot; button of a real warning page from a malicious\n site. This can mislead users to adding a certificate\n exception for a different site than the perceived one. This\n can lead to compromised communications with the user\n perceived site through the MITM attack once the certificate\n exception has been added.\n\n *\n\n MFSA 2012-55 / CVE-2012-1965: Security researchers\n Mario Gomes and Soroush Dalili reported that since Mozilla\n allows the pseudo-protocol feed: to prefix any valid URL,\n it is possible to construct feed:javascript: URLs that will\n execute scripts in some contexts. On some sites it may be\n possible to use this to evade output filtering that would\n otherwise strip javascript: URLs and thus contribute to\n cross-site scripting (XSS) problems on these sites.\n\n *\n\n MFSA 2012-56 / CVE-2012-1967: Mozilla security\n researcher moz_bug_r_a4 reported a arbitrary code execution\n attack using a javascript: URL. The Gecko engine features a\n JavaScript sandbox utility that allows the browser or\n add-ons to safely execute script in the context of a web\n page. In certain cases, javascript: URLs are executed in\n such a sandbox with insufficient context that can allow\n those scripts to escape from the sandbox and run with\n elevated privilege. This can lead to arbitrary code\n execution.\n", "edition": 1, "modified": "2012-07-21T03:08:21", "published": "2012-07-21T03:08:21", "id": "SUSE-SU-2012:0896-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00012.html", "type": "suse", "title": "Security update for Mozilla Firefox (important)", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2016-09-04T12:25:42", "bulletinFamily": "unix", "cvelist": ["CVE-2012-1962", "CVE-2012-1950", "CVE-2012-1948", "CVE-2012-1953", "CVE-2012-1949", "CVE-2012-1966", "CVE-2012-1954", "CVE-2012-1967", "CVE-2012-1961", "CVE-2012-1951", "CVE-2012-1952", "CVE-2012-1955", "CVE-2012-1960", "CVE-2012-1965", "CVE-2012-1959", "CVE-2012-1957", "CVE-2012-1958", "CVE-2012-1964", "CVE-2012-1963"], "description": "MozillaFirefox was updated to 14.0.1 to fix various bugs\n and security issues.\n\n\n Following security issues were fixed: MFSA 2012-42: Mozilla\n developers identified and fixed several memory safety bugs\n in the browser engine used in Firefox and other\n Mozilla-based products. Some of these bugs showed evidence\n of memory corruption under certain circumstances, and we\n presume that with enough effort at least some of these\n could be exploited to run arbitrary code.\n\n CVE-2012-1949: Brian Smith, Gary Kwong, Christian Holler,\n Jesse Ruderman, Christoph Diehl, Chris Jones, Brad Lassey,\n and Kyle Huey reported memory safety problems and crashes\n that affect Firefox 13.\n\n CVE-2012-1948: Benoit Jacob, Jesse Ruderman, Christian\n Holler, and Bill McCloskey reported memory safety problems\n and crashes that affect Firefox ESR 10 and Firefox 13.\n\n\n MFSA 2012-43 / CVE-2012-1950: Security researcher Mario\n Gomes andresearch firm Code Audit Labs reported a mechanism\n to short-circuit page loads through drag and drop to the\n addressbar by canceling the page load. This causes the\n address of the previously site entered to be displayed in\n the addressbar instead of the currently loaded page. This\n could lead to potential phishing attacks on users.\n\n MFSA 2012-44 Google security researcher Abhishek Arya used\n the Address Sanitizer tool to uncover four issues: two\n use-after-free problems, one out of bounds read bug, and a\n bad cast. The first use-after-free problem is caused when\n an array of nsSMILTimeValueSpec objects is destroyed but\n attempts are made to call into objects in this array later.\n The second use-after-free problem is in\n nsDocument::AdoptNode when it adopts into an empty document\n and then adopts into another document, emptying the first\n one. The heap buffer overflow is in ElementAnimations when\n data is read off of end of an array and then pointers are\n dereferenced. The bad cast happens when\n nsTableFrame::InsertFrames is called with frames in\n aFrameList that are a mix of row group frames and column\n group frames. AppendFrames is not able to handle this mix.\n\n All four of these issues are potentially exploitable.\n CVE-2012-1951: Heap-use-after-free in\n nsSMILTimeValueSpec::IsEventBased CVE-2012-1954:\n Heap-use-after-free in nsDocument::AdoptNode CVE-2012-1953:\n Out of bounds read in ElementAnimations::EnsureStyleRuleFor\n CVE-2012-1952: Bad cast in nsTableFrame::InsertFrames\n\n\n MFSA 2012-45 / CVE-2012-1955: Security researcher Mariusz\n Mlynski reported an issue with spoofing of the location\n property. In this issue, calls to history.forward and\n history.back are used to navigate to a site while\n displaying the previous site in the addressbar but changing\n the baseURI to the newer site. This can be used for\n phishing by allowing the user input form or other data on\n the newer, attacking, site while appearing to be on the\n older, displayed site.\n\n MFSA 2012-46 / CVE-2012-1966: Mozilla security researcher\n moz_bug_r_a4 reported a cross-site scripting (XSS) attack\n through the context menu using a data: URL. In this issue,\n context menu functionality (&quot;View Image&quot;, &quot;Show only this\n frame&quot;, and &quot;View background image&quot;) are disallowed in a\n javascript: URL but allowed in a data: URL, allowing for\n XSS. This can lead to arbitrary code execution.\n\n MFSA 2012-47 / CVE-2012-1957: Security researcher Mario\n Heiderich reported that javascript could be executed in the\n HTML feed-view using &lt;embed&gt; tag within the RSS\n &lt;description&gt;. This problem is due to &lt;embed&gt; tags not\n being filtered out during parsing and can lead to a\n potential cross-site scripting (XSS) attack. The flaw\n existed in a parser utility class and could affect other\n parts of the browser or add-ons which rely on that class to\n sanitize untrusted input.\n\n\n MFSA 2012-48 / CVE-2012-1958: Security researcher Arthur\n Gerkis used the Address Sanitizer tool to find a\n use-after-free in nsGlobalWindow::PageHidden when\n mFocusedContent is released and oldFocusedContent is used\n afterwards. This use-after-free could possibly allow for\n remote code execution.\n\n\n MFSA 2012-49 / CVE-2012-1959: Mozilla developer Bobby\n Holley found that same-compartment security wrappers (SCSW)\n can be bypassed by passing them to another compartment.\n Cross-compartment wrappers often do not go through SCSW,\n but have a filtering policy built into them. When an object\n is wrapped cross-compartment, the SCSW is stripped off and,\n when the object is read read back, it is not known that\n SCSW was previously present, resulting in a bypassing of\n SCSW. This could result in untrusted content having access\n to the XBL that implements browser functionality.\n\n MFSA 2012-50 / CVE-2012-1960: Google developer Tony Payne\n reported an out of bounds (OOB) read in QCMS, Mozilla\u00c3\u00a2\u00c2\u0080\u00c2\u0099s\n color management library. With a carefully crafted color\n profile portions of a user's memory could be incorporated\n into a transformed image and possibly deciphered.\n\n\n MFSA 2012-51 / CVE-2012-1961: Bugzilla developer Fr\u00c3\u0083\u00c2\u00a9d\u00c3\u0083\u00c2\u00a9ric\n Buclin reported that the &quot;X-Frame-Options header is ignored\n when the value is duplicated, for example X-Frame-Options:\n SAMEORIGIN, SAMEORIGIN. This duplication occurs for unknown\n reasons on some websites and when it occurs results in\n Mozilla browsers not being protected against possible\n clickjacking attacks on those pages.\n\n\n MFSA 2012-52 / CVE-2012-1962: Security researcher Bill\n Keese reported a memory corruption. This is caused by\n JSDependentString::undepend changing a dependent string\n into a fixed string when there are additional dependent\n strings relying on the same base. When the undepend occurs\n during conversion, the base data is freed, leaving other\n dependent strings with dangling pointers. This can lead to\n a potentially exploitable crash.\n\n\n MFSA 2012-53 / CVE-2012-1963: Security researcher\n Karthikeyan Bhargavan of Prosecco at INRIA reported Content\n Security Policy (CSP) 1.0 implementation errors. CSP\n violation reports generated by Firefox and sent to the\n &quot;report-uri&quot; location include sensitive data within the\n &quot;blocked-uri&quot; parameter. These include fragment components\n and query strings even if the &quot;blocked-uri&quot; parameter has a\n different origin than the protected resource. This can be\n used to retrieve a user's OAuth 2.0 access tokens and\n OpenID credentials by malicious sites.\n\n MFSA 2012-54 / CVE-2012-1964: Security Researcher Matt\n McCutchen reported that a clickjacking attack using the\n certificate warning page. A man-in-the-middle (MITM)\n attacker can use an iframe to display its own certificate\n error warning page (about:certerror) with the &quot;Add\n Exception&quot; button of a real warning page from a malicious\n site. This can mislead users to adding a certificate\n exception for a different site than the perceived one. This\n can lead to compromised communications with the user\n perceived site through the MITM attack once the certificate\n exception has been added.\n\n\n MFSA 2012-55 / CVE-2012-1965: Security researchers Mario\n Gomes and Soroush Dalili reported that since Mozilla allows\n the pseudo-protocol feed: to prefix any valid URL, it is\n possible to construct feed:javascript: URLs that will\n execute scripts in some contexts. On some sites it may be\n possible to use this to evade output filtering that would\n otherwise strip javascript: URLs and thus contribute to\n cross-site scripting (XSS) problems on these sites.\n\n MFSA 2012-56 / CVE-2012-1967: Mozilla security researcher\n moz_bug_r_a4 reported a arbitrary code execution attack\n using a javascript: URL. The Gecko engine features a\n JavaScript sandbox utility that allows the browser or\n add-ons to safely execute script in the context of a web\n page. In certain cases, javascript: URLs are executed in\n such a sandbox with insufficient context that can allow\n those scripts to escape from the sandbox and run with\n elevated privilege. This can lead to arbitrary code\n execution.\n\n", "edition": 1, "modified": "2012-07-23T14:08:16", "published": "2012-07-23T14:08:16", "id": "OPENSUSE-SU-2012:0899-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00013.html", "title": "MozillaFirefox to 14.0.1 (critical)", "type": "suse", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2016-09-04T11:46:38", "bulletinFamily": "unix", "cvelist": ["CVE-2012-1962", "CVE-2012-1950", "CVE-2012-1948", "CVE-2012-1953", "CVE-2012-1949", "CVE-2012-1966", "CVE-2012-1954", "CVE-2012-1967", "CVE-2012-1961", "CVE-2012-1951", "CVE-2012-1952", "CVE-2012-1955", "CVE-2012-1960", "CVE-2012-1965", "CVE-2012-1959", "CVE-2012-1957", "CVE-2012-1958", "CVE-2012-1964", "CVE-2012-1963"], "description": "Mozilla XULRunner was updated to 14.0.1, fixing bugs and\n security issues:\n\n\n\n Following security issues were fixed: MFSA 2012-42: Mozilla\n developers identified and fixed several memory safety bugs\n in the browser engine used in Firefox and other\n Mozilla-based products. Some of these bugs showed evidence\n of memory corruption under certain circumstances, and we\n presume that with enough effort at least some of these\n could be exploited to run arbitrary code.\n\n CVE-2012-1949: Brian Smith, Gary Kwong, Christian Holler,\n Jesse Ruderman, Christoph Diehl, Chris Jones, Brad Lassey,\n and Kyle Huey reported memory safety problems and crashes\n that affect Firefox 13.\n\n CVE-2012-1948: Benoit Jacob, Jesse Ruderman, Christian\n Holler, and Bill McCloskey reported memory safety problems\n and crashes that affect Firefox ESR 10 and Firefox 13.\n\n\n MFSA 2012-43 / CVE-2012-1950: Security researcher Mario\n Gomes andresearch firm Code Audit Labs reported a mechanism\n to short-circuit page loads through drag and drop to the\n addressbar by canceling the page load. This causes the\n address of the previously site entered to be displayed in\n the addressbar instead of the currently loaded page. This\n could lead to potential phishing attacks on users.\n\n MFSA 2012-44\n\n Google security researcher Abhishek Arya used the Address\n Sanitizer tool to uncover four issues: two use-after-free\n problems, one out of bounds read bug, and a bad cast. The\n first use-after-free problem is caused when an array of\n nsSMILTimeValueSpec objects is destroyed but attempts are\n made to call into objects in this array later. The second\n use-after-free problem is in nsDocument::AdoptNode when it\n adopts into an empty document and then adopts into another\n document, emptying the first one. The heap buffer overflow\n is in ElementAnimations when data is read off of end of an\n array and then pointers are dereferenced. The bad cast\n happens when nsTableFrame::InsertFrames is called with\n frames in aFrameList that are a mix of row group frames and\n column group frames. AppendFrames is not able to handle\n this mix.\n\n All four of these issues are potentially exploitable.\n CVE-2012-1951: Heap-use-after-free in\n nsSMILTimeValueSpec::IsEventBased CVE-2012-1954:\n Heap-use-after-free in nsDocument::AdoptNode CVE-2012-1953:\n Out of bounds read in ElementAnimations::EnsureStyleRuleFor\n CVE-2012-1952: Bad cast in nsTableFrame::InsertFrames\n\n\n MFSA 2012-45 / CVE-2012-1955: Security researcher Mariusz\n Mlynski reported an issue with spoofing of the location\n property. In this issue, calls to history.forward and\n history.back are used to navigate to a site while\n displaying the previous site in the addressbar but changing\n the baseURI to the newer site. This can be used for\n phishing by allowing the user input form or other data on\n the newer, attacking, site while appearing to be on the\n older, displayed site.\n\n MFSA 2012-46 / CVE-2012-1966: Mozilla security researcher\n moz_bug_r_a4 reported a cross-site scripting (XSS) attack\n through the context menu using a data: URL. In this issue,\n context menu functionality (&quot;View Image&quot;, &quot;Show only this\n frame&quot;, and &quot;View background image&quot;) are disallowed in a\n javascript: URL but allowed in a data: URL, allowing for\n XSS. This can lead to arbitrary code execution.\n\n MFSA 2012-47 / CVE-2012-1957: Security researcher Mario\n Heiderich reported that javascript could be executed in the\n HTML feed-view using tag within the RSS . This problem is\n due to tags not being filtered out during parsing and can\n lead to a potential cross-site scripting (XSS) attack. The\n flaw existed in a parser utility class and could affect\n other parts of the browser or add-ons which rely on that\n class to sanitize untrusted input.\n\n\n MFSA 2012-48 / CVE-2012-1958: Security researcher Arthur\n Gerkis used the Address Sanitizer tool to find a\n use-after-free in nsGlobalWindow::PageHidden when\n mFocusedContent is released and oldFocusedContent is used\n afterwards. This use-after-free could possibly allow for\n remote code execution.\n\n\n MFSA 2012-49 / CVE-2012-1959: Mozilla developer Bobby\n Holley found that same-compartment security wrappers (SCSW)\n can be bypassed by passing them to another compartment.\n Cross-compartment wrappers often do not go through SCSW,\n\n but have a filtering policy built into them. When an object\n is wrapped cross-compartment, the SCSW is stripped off and,\n when the object is read read back, it is not known that\n SCSW was previously present, resulting in a bypassing of\n SCSW. This could result in untrusted content having access\n to the XBL that implements browser functionality.\n\n MFSA 2012-50 / CVE-2012-1960: Google developer Tony Payne\n reported an out of bounds (OOB) read in QCMS, Mozilla\u00c3\u00a2\u00c2\u0080\u00c2\u0099s\n color management library. With a carefully crafted color\n profile portions of a user's memory could be incorporated\n into a transformed image and possibly deciphered.\n\n\n MFSA 2012-51 / CVE-2012-1961: Bugzilla developer Fr\u00c3\u0083\u00c2\u00a9d\u00c3\u0083\u00c2\u00a9ric\n Buclin reported that the &quot;X-Frame-Options header is ignored\n when the value is duplicated, for example X-Frame-Options:\n SAMEORIGIN, SAMEORIGIN. This duplication occurs for unknown\n reasons on some websites and when it occurs results in\n Mozilla browsers not being protected against possible\n clickjacking attacks on those pages.\n\n\n MFSA 2012-52 / CVE-2012-1962: Security researcher Bill\n Keese reported a memory corruption. This is caused by\n JSDependentString::undepend changing a dependent string\n into a fixed string when there are additional dependent\n strings relying on the same base. When the undepend occurs\n during conversion, the base data is freed, leaving other\n dependent strings with dangling pointers. This can lead to\n a potentially exploitable crash.\n\n\n MFSA 2012-53 / CVE-2012-1963: Security researcher\n Karthikeyan Bhargavan of Prosecco at INRIA reported Content\n Security Policy (CSP) 1.0 implementation errors. CSP\n violation reports generated by Firefox and sent to the\n &quot;report-uri&quot; location include sensitive data within the\n &quot;blocked-uri&quot; parameter. These include fragment components\n and query strings even if the &quot;blocked-uri&quot; parameter has a\n different origin than the protected resource. This can be\n used to retrieve a user's OAuth 2.0 access tokens and\n OpenID credentials by malicious sites.\n\n MFSA 2012-54 / CVE-2012-1964: Security Researcher Matt\n McCutchen reported that a clickjacking attack using the\n certificate warning page. A man-in-the-middle (MITM)\n attacker can use an iframe to display its own certificate\n error warning page (about:certerror) with the &quot;Add\n Exception&quot; button of a real warning page from a malicious\n site. This can mislead users to adding a certificate\n exception for a different site than the perceived one. This\n can lead to compromised communications with the user\n perceived site through the MITM attack once the certificate\n exception has been added.\n\n\n\n MFSA 2012-55 / CVE-2012-1965: Security researchers Mario\n Gomes and Soroush Dalili reported that since Mozilla allows\n the pseudo-protocol feed: to prefix any valid URL, it is\n possible to construct feed:javascript: URLs that will\n execute scripts in some contexts. On some sites it may be\n possible to use this to evade output filtering that would\n otherwise strip javascript: URLs and thus contribute to\n cross-site scripting (XSS) problems on these sites.\n\n MFSA 2012-56 / CVE-2012-1967: Mozilla security researcher\n moz_bug_r_a4 reported a arbitrary code execution attack\n using a javascript: URL. The Gecko engine features a\n JavaScript sandbox utility that allows the browser or\n add-ons to safely execute script in the context of a web\n page. In certain cases, javascript: URLs are executed in\n such a sandbox with insufficient context that can allow\n those scripts to escape from the sandbox and run with\n elevated privilege. This can lead to arbitrary code\n execution.\n\n", "edition": 1, "modified": "2012-07-30T17:08:56", "published": "2012-07-30T17:08:56", "id": "OPENSUSE-SU-2012:0924-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00017.html", "type": "suse", "title": "xulrunner to 14.0.1 (critical)", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2016-09-04T12:18:27", "bulletinFamily": "unix", "cvelist": ["CVE-2012-1962", "CVE-2012-1948", "CVE-2012-1953", "CVE-2012-1949", "CVE-2012-1954", "CVE-2012-1967", "CVE-2012-1961", "CVE-2012-1951", "CVE-2012-1952", "CVE-2012-1955", "CVE-2012-1960", "CVE-2012-1959", "CVE-2012-1957", "CVE-2012-1958", "CVE-2012-1963"], "description": "Seamonkey was updated to version 2.11 (bnc#771583)\n\n * MFSA 2012-42/CVE-2012-1949/CVE-2012-1948 Miscellaneous\n memory safety hazards\n * MFSA\n 2012-44/CVE-2012-1951/CVE-2012-1954/CVE-2012-1953/CVE-2012-1\n 952 Gecko memory corruption\n * MFSA 2012-45/CVE-2012-1955 (bmo#757376) Spoofing issue\n with location\n * MFSA 2012-47/CVE-2012-1957 (bmo#750096) Improper\n filtering of javascript in HTML feed-view\n * MFSA 2012-48/CVE-2012-1958 (bmo#750820) use-after-free\n in nsGlobalWindow::PageHidden\n * MFSA 2012-49/CVE-2012-1959 (bmo#754044, bmo#737559)\n Same-compartment Security Wrappers can be bypassed\n * MFSA 2012-50/CVE-2012-1960 (bmo#761014) Out of bounds\n read in QCMS\n * MFSA 2012-51/CVE-2012-1961 (bmo#761655) X-Frame-Options\n header ignored when duplicated\n * MFSA 2012-52/CVE-2012-1962 (bmo#764296)\n JSDependentString::undepend string conversion results\n in memory corruption\n * MFSA 2012-53/CVE-2012-1963 (bmo#767778) Content\n Security Policy 1.0 implementation errors cause data\n leakage\n * MFSA 2012-56/CVE-2012-1967 (bmo#758344) Code execution\n through javascript: URLs\n * relicensed to MPL-2.0\n - updated/removed patches\n - requires NSS 3.13.5\n\n - update to Seamonkey 2.10.1\n\n", "edition": 1, "modified": "2012-08-01T18:08:34", "published": "2012-08-01T18:08:34", "id": "OPENSUSE-SU-2012:0935-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00000.html", "type": "suse", "title": "seamonkey: Update to Seamonkey 2.11 (important)", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2016-09-04T12:05:54", "bulletinFamily": "unix", "cvelist": ["CVE-2012-1962", "CVE-2012-1948", "CVE-2012-1953", "CVE-2012-1949", "CVE-2012-1954", "CVE-2012-1967", "CVE-2012-1961", "CVE-2012-1951", "CVE-2012-1955", "CVE-2012-1960", "CVE-2012-1959", "CVE-2012-1957", "CVE-2012-1958", "CVE-2012-1963"], "description": "Mozilla Thunderbird was updated to version 14.0 (bnc#771583)\n * MFSA 2012-42/CVE-2012-1949/CVE-2012-1948 Miscellaneous\n memory safety hazards\n * MFSA\n 2012-44/CVE-2012-1951/CVE-2012-1954/CVE-2012-1953/CVE-2012-1\n 952 Gecko memory corruption\n * MFSA 2012-45/CVE-2012-1955 (bmo#757376) Spoofing issue\n with location\n * MFSA 2012-47/CVE-2012-1957 (bmo#750096) Improper\n filtering of javascript in HTML feed-view\n * MFSA 2012-48/CVE-2012-1958 (bmo#750820) use-after-free\n in nsGlobalWindow::PageHidden\n * MFSA 2012-49/CVE-2012-1959 (bmo#754044, bmo#737559)\n Same-compartment Security Wrappers can be bypassed\n * MFSA 2012-50/CVE-2012-1960 (bmo#761014) Out of bounds\n read in QCMS\n * MFSA 2012-51/CVE-2012-1961 (bmo#761655) X-Frame-Options\n header ignored when duplicated\n * MFSA 2012-52/CVE-2012-1962 (bmo#764296)\n JSDependentString::undepend string conversion results\n in memory corruption\n * MFSA 2012-53/CVE-2012-1963 (bmo#767778) Content\n Security Policy 1.0 implementation errors cause data\n leakage\n * MFSA 2012-56/CVE-2012-1967 (bmo#758344) Code execution\n through javascript: URLs\n * relicensed to MPL-2.0\n - update Enigmail to 1.4.3\n\n - no crashreport on %arm, fixing build\n\n", "edition": 1, "modified": "2012-07-27T13:08:18", "published": "2012-07-27T13:08:18", "id": "OPENSUSE-SU-2012:0917-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00016.html", "title": "MozillaThunderbird: update to Thunderbird 14.0 (important)", "type": "suse", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "securityvulns": [{"lastseen": "2018-08-31T11:09:48", "bulletinFamily": "software", "cvelist": ["CVE-2011-3671", "CVE-2012-1962", "CVE-2012-1950", "CVE-2012-1948", "CVE-2012-1953", "CVE-2012-1966", "CVE-2012-1954", "CVE-2012-1967", "CVE-2012-1961", "CVE-2012-1951", "CVE-2012-1952", "CVE-2012-1955", "CVE-2012-1960", "CVE-2012-1965", "CVE-2012-1959", "CVE-2012-1958", "CVE-2012-1964", "CVE-2012-1963"], "description": "Multiple memory corruptions, code execution, data spoofing, crossite scripting, information leakage.", "edition": 1, "modified": "2012-08-13T00:00:00", "published": "2012-08-13T00:00:00", "id": "SECURITYVULNS:VULN:12483", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:12483", "title": "Mozilla Firefox / Thunderbird / Seamonkey multiple security vulnerabilities", "type": "securityvulns", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "freebsd": [{"lastseen": "2019-05-29T18:33:47", "bulletinFamily": "unix", "cvelist": ["CVE-2012-1962", "CVE-2012-1950", "CVE-2012-1953", "CVE-2012-1949", "CVE-2012-1966", "CVE-2012-1954", "CVE-2012-1967", "CVE-2012-1961", "CVE-2012-1951", "CVE-2012-1952", "CVE-2012-1955", "CVE-2012-1960", "CVE-2012-1965", "CVE-2012-1959", "CVE-2012-1957", "CVE-2012-1958", "CVE-2012-1964", "CVE-2012-1963"], "description": "\nThe Mozilla Project reports:\n\nMFSA 2012-42 Miscellaneous memory safety hazards (rv:14.0/\n\t rv:10.0.6)\nMFSA 2012-43 Incorrect URL displayed in addressbar through drag and\n\t drop\nMFSA 2012-44 Gecko memory corruption\nMFSA 2012-45 Spoofing issue with location\nMFSA 2012-46 XSS through data: URLs\nMFSA 2012-47 Improper filtering of javascript in HTML feed-view\nMFSA 2012-48 use-after-free in nsGlobalWindow::PageHidden\nMFSA 2012-49 Same-compartment Security Wrappers can be bypassed\nMFSA 2012-50 Out of bounds read in QCMS\nMFSA 2012-51 X-Frame-Options header ignored when duplicated\nMFSA 2012-52 JSDependentString::undepend string conversion results\n\t in memory corruption\nMFSA 2012-53 Content Security Policy 1.0 implementation errors\n\t cause data leakage\nMFSA 2012-54 Clickjacking of certificate warning page\nMFSA 2012-55 feed: URLs with an innerURI inherit security context\n\t of page\nMFSA 2012-56 Code execution through javascript: URLs\n\n", "edition": 4, "modified": "2012-07-17T00:00:00", "published": "2012-07-17T00:00:00", "id": "DBF338D0-DCE5-11E1-B655-14DAE9EBCF89", "href": "https://vuxml.freebsd.org/freebsd/dbf338d0-dce5-11e1-b655-14dae9ebcf89.html", "title": "mozilla -- multiple vulnerabilities", "type": "freebsd", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "debian": [{"lastseen": "2020-11-11T13:28:09", "bulletinFamily": "unix", "cvelist": ["CVE-2012-1950", "CVE-2012-1948", "CVE-2012-1966", "CVE-2012-1954", "CVE-2012-1967"], "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-2514-1 security@debian.org\nhttp://www.debian.org/security/ Nico Golde\nJuly 17, 2012 http://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : iceweasel\nVulnerability : several\nProblem type : remote\nDebian-specific: no\nCVE ID : CVE-2012-1948 CVE-2012-1950 CVE-2012-1954 CVE-2012-1966\n CVE-2012-1967\n\nSeveral vulnerabilities have been discovered in Iceweasel, a web\nbrowser based on Firefox. The included XULRunner library provides\nrendering services for several other applications included in Debian.\n\nCVE-2012-1948\n\n Benoit Jacob, Jesse Ruderman, Christian Holler, and Bill McCloskey\n identified several memory safety problems that may lead to the\n execution of arbitrary code.\n\nCVE-2012-1950\n\n Mario Gomes and Code Audit Labs discovered that it is possible\n to force iceweasel to display the URL of the previous entered site\n through drag and drop actions to the address bar. This can be\n abused to perform phishing attacks.\n\nCVE-2012-1954\n\n Abhishek Arya discovered a use-after-free problem in nsDocument::AdoptNode\n that may lead to the execution of arbitrary code.\n\nCVE-2012-1966\n\n moz_bug_r_a4 discovered that it is possible to perform cross-site\n scripting attacks through the context menu when using data: URLs.\n\nCVE-2012-1967\n\n moz_bug_r_a4 discovered that in certain cases, javascript: URLs can\n be executed so that scripts can escape the JavaScript sandbox and run\n with elevated privileges.\n\nNote: We&#x27;d like to advise users of Iceweasel&#x27;s 3.5 branch in Debian\nstable to consider to upgrade to the Iceweasel 10.0 ESR (Extended\nSupport Release) which is now available in Debian Backports.\nAlthough Debian will continue to support Iceweasel 3.5 in stable with\nsecurity updates, this can only be done on a best effort base as\nupstream provides no such support anymore. On top of that, the 10.0\nbranch adds proactive security features to the browser.\n\n\nFor the stable distribution (squeeze), this problem has been fixed in\nversion 3.5.16-17.\n\nFor the unstable distribution (sid), this problem has been fixed in\nversion 10.0.6esr-1.\n\n\nWe recommend that you upgrade your iceweasel packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: http://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n\n", "edition": 3, "modified": "2012-07-17T20:04:25", "published": "2012-07-17T20:04:25", "id": "DEBIAN:DSA-2514-1:E25AC", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2012/msg00153.html", "title": "[SECURITY] [DSA 2514-1] iceweasel security update", "type": "debian", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-11-11T13:27:59", "bulletinFamily": "unix", "cvelist": ["CVE-2012-1950", "CVE-2012-1948", "CVE-2012-1954", "CVE-2012-1967"], "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-2528-1 security@debian.org\nhttp://www.debian.org/security/ Florian Weimer\nAugust 14, 2012 http://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : icedove\nVulnerability : several\nProblem type : remote\nDebian-specific: no\nCVE ID : CVE-2012-1948 CVE-2012-1950 CVE-2012-1954 CVE-2012-1967\n\nSeveral vulnerabilities were discovered in Icedove, Debian&#x27;s version\nof the Mozilla Thunderbird mail and news client.\n\nCVE-2012-1948\n\tMultiple unspecified vulnerabilities in the browser engine\n\twere fixed.\n\nCVE-2012-1950\n\tThe underlying browser engine allows address bar spoofing \n\tthrough drag-and-drop.\n\nCVE-2012-1954\n\tA use-after-free vulnerability in the nsDocument::AdoptNode\n\tfunction allows remote attackers to cause a denial of service\n\t(heap memory corruption) or possibly execute arbitrary code.\n\nCVE-2012-1967\n\tAn error in the implementation of the Javascript sandbox\n\tallows execution of Javascript code with improper privileges\n\tusing javascript: URLs.\n\nFor the stable distribution (squeeze), these problems have been fixed\nin version 3.0.11-1+squeeze12.\n\nFor the testing distribution (wheezy) and the unstable distribution\n(sid), these problems have been fixed in version 10.0.6-1.\n\nWe recommend that you upgrade your icedove packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: http://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n", "edition": 7, "modified": "2012-08-14T19:26:56", "published": "2012-08-14T19:26:56", "id": "DEBIAN:DSA-2528-1:8BC3E", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2012/msg00169.html", "title": "[SECURITY] [DSA 2528-1] icedove security update", "type": "debian", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "mozilla": [{"lastseen": "2016-09-05T13:37:42", "bulletinFamily": "software", "cvelist": ["CVE-2012-1953", "CVE-2012-1954", "CVE-2012-1951", "CVE-2012-1952"], "edition": 1, "description": "Google security researcher Abhishek Arya used the Address\nSanitizer tool to uncover four issues: two use-after-free problems, one out of\nbounds read bug, and a bad cast. The first use-after-free problem is caused\nwhen an array of nsSMILTimeValueSpec objects is destroyed but attempts are made\nto call into objects in this array later. The second use-after-free problem is\nin nsDocument::AdoptNode when it adopts into an empty document and then adopts\ninto another document, emptying the first one. The heap buffer overflow is in\nElementAnimations when data is read off of end of an array and then pointers are\ndereferenced. The bad cast happens when nsTableFrame::InsertFrames is called\nwith frames in aFrameList that are a mix of row group frames and column group\nframes. AppendFrames is not able to handle this mix.\nAll four of these issues are potentially exploitable.", "modified": "2012-07-17T00:00:00", "published": "2012-07-17T00:00:00", "id": "MFSA2012-44", "href": "http://www.mozilla.org/en-US/security/advisories/mfsa2012-44/", "type": "mozilla", "title": "Gecko memory corruption", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "cve": [{"lastseen": "2020-12-09T19:47:18", "description": "Use-after-free vulnerability in the nsSMILTimeValueSpec::IsEventBased function in Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 allows remote attackers to cause a denial of service (heap memory corruption) or possibly execute arbitrary code by interacting with objects used for SMIL Timing.", "edition": 5, "cvss3": {}, "published": "2012-07-18T10:26:00", "title": "CVE-2012-1951", "type": "cve", "cwe": ["CWE-399"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-1951"], "modified": "2017-12-29T02:29:00", "cpe": ["cpe:/a:mozilla:thunderbird:11.0", "cpe:/a:mozilla:seamonkey:1.0.8", "cpe:/a:mozilla:seamonkey:2.0.6", "cpe:/a:mozilla:seamonkey:2.0", "cpe:/a:mozilla:firefox_esr:10.0.4", "cpe:/a:mozilla:seamonkey:2.0.7", "cpe:/a:mozilla:firefox:8.0", "cpe:/a:mozilla:thunderbird:10.0.3", "cpe:/a:mozilla:seamonkey:1.1.17", "cpe:/a:mozilla:seamonkey:1.0.2", "cpe:/a:mozilla:seamonkey:1.1.2", "cpe:/a:mozilla:seamonkey:1.5.0.10", "cpe:/a:mozilla:seamonkey:1.1.18", "cpe:/a:mozilla:thunderbird:7.0", "cpe:/a:mozilla:seamonkey:2.0.3", "cpe:/a:mozilla:seamonkey:1.0", "cpe:/a:mozilla:firefox:4.0.1", "cpe:/a:mozilla:seamonkey:1.5.0.9", "cpe:/a:mozilla:firefox:8.0.1", "cpe:/a:mozilla:seamonkey:2.0.11", "cpe:/a:mozilla:firefox_esr:10.0.2", "cpe:/a:mozilla:firefox:5.0.1", "cpe:/a:mozilla:seamonkey:1.0.9", "cpe:/a:mozilla:firefox:7.0", "cpe:/a:mozilla:firefox_esr:10.0.5", "cpe:/a:mozilla:thunderbird:10.0.4", "cpe:/a:mozilla:firefox:9.0", "cpe:/a:mozilla:seamonkey:1.1.15", "cpe:/a:mozilla:thunderbird:10.0", "cpe:/a:mozilla:firefox_esr:10.0.3", "cpe:/a:mozilla:firefox:6.0.1", "cpe:/a:mozilla:firefox_esr:10.0.1", "cpe:/a:mozilla:seamonkey:1.1.9", "cpe:/a:mozilla:thunderbird:10.0.1", "cpe:/a:mozilla:seamonkey:1.1.10", "cpe:/a:mozilla:seamonkey:1.1.12", "cpe:/a:mozilla:firefox:11.0", "cpe:/a:mozilla:firefox:4.0", "cpe:/a:mozilla:thunderbird:6.0.2", "cpe:/a:mozilla:seamonkey:2.0.8", "cpe:/a:mozilla:seamonkey:1.1.6", "cpe:/a:mozilla:seamonkey:1.1.5", "cpe:/a:mozilla:thunderbird_esr:10.0", "cpe:/a:mozilla:firefox:9.0.1", "cpe:/a:mozilla:seamonkey:1.1.4", "cpe:/a:mozilla:firefox:7.0.1", "cpe:/a:mozilla:seamonkey:2.0.4", "cpe:/a:mozilla:thunderbird_esr:10.0.4", "cpe:/a:mozilla:firefox_esr:10.0", "cpe:/a:mozilla:thunderbird:9.0.1", "cpe:/a:mozilla:thunderbird:9.0", "cpe:/a:mozilla:seamonkey:2.0.14", "cpe:/a:mozilla:thunderbird:7.0.1", "cpe:/a:mozilla:seamonkey:1.0.6", "cpe:/a:mozilla:firefox:6.0.2", "cpe:/a:mozilla:thunderbird:6.0", "cpe:/a:mozilla:seamonkey:2.0.2", "cpe:/a:mozilla:seamonkey:1.0.4", "cpe:/a:mozilla:seamonkey:2.0.13", "cpe:/a:mozilla:firefox:13.0", "cpe:/a:mozilla:seamonkey:1.0.5", "cpe:/a:mozilla:thunderbird:10.0.2", "cpe:/a:mozilla:thunderbird:8.0", "cpe:/a:mozilla:seamonkey:1.0.7", "cpe:/a:mozilla:firefox:12.0", "cpe:/a:mozilla:seamonkey:1.1.11", "cpe:/a:mozilla:seamonkey:2.10", "cpe:/a:mozilla:seamonkey:1.1.3", "cpe:/a:mozilla:thunderbird:6.0.1", "cpe:/a:mozilla:seamonkey:1.1.1", "cpe:/a:mozilla:thunderbird_esr:10.0.3", "cpe:/a:mozilla:thunderbird:13.0", "cpe:/a:mozilla:seamonkey:1.1.7", "cpe:/a:mozilla:firefox:6.0", "cpe:/a:mozilla:seamonkey:2.0.9", "cpe:/a:mozilla:seamonkey:2.0.5", "cpe:/a:mozilla:seamonkey:2.0.12", "cpe:/a:mozilla:seamonkey:1.5.0.8", "cpe:/a:mozilla:firefox:5.0", "cpe:/a:mozilla:thunderbird:12.0", "cpe:/a:mozilla:seamonkey:1.1.14", "cpe:/a:mozilla:seamonkey:1.1.16", "cpe:/a:mozilla:thunderbird_esr:10.0.2", "cpe:/a:mozilla:thunderbird:5.0", "cpe:/a:mozilla:seamonkey:1.0.1", "cpe:/a:mozilla:seamonkey:1.0.3", "cpe:/a:mozilla:seamonkey:2.0.10", "cpe:/a:mozilla:seamonkey:1.1", "cpe:/a:mozilla:thunderbird_esr:10.0.5", "cpe:/a:mozilla:seamonkey:1.1.19", "cpe:/a:mozilla:seamonkey:2.0.1", "cpe:/a:mozilla:thunderbird_esr:10.0.1", "cpe:/a:mozilla:seamonkey:1.1.8", "cpe:/a:mozilla:seamonkey:2.1", "cpe:/a:mozilla:seamonkey:1.1.13"], "id": "CVE-2012-1951", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-1951", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:a:mozilla:seamonkey:1.1.10:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1.9:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:4.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0:beta_2:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox_esr:10.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0.14:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0.10:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0:beta_1:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:11.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:10.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:4.0:beta7:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:9.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird_esr:10.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:6.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:4.0:beta3:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:7.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1.17:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox_esr:10.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0.12:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:5.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:12.0:beta6:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.1:alpha1:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0.6:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.1:rc2:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:6.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.0.8:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1.14:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:10.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0:alpha_3:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:9.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox_esr:10.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1:beta:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.1:alpha3:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0.9:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.5.0.10:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird_esr:10.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.0.7:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:9.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird_esr:10.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.1:beta1:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1.5:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:6.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:4.0:beta1:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird_esr:10.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1.18:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:8.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird_esr:10.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1.15:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0.7:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1.16:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:7.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1.8:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1:alpha:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1.12:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0.8:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:7.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:8.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:4.0:beta6:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox_esr:10.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.0:beta:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1.19:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:10.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:5.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.5.0.8:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1.11:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:4.0:beta10:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:13.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:4.0:beta5:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:6.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:4.0:beta12:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:4.0:beta8:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox_esr:10.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:6.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:13.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1.7:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:8.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.1:alpha2:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0.11:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.0:alpha:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird_esr:10.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox_esr:10.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.0.6:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:4.0:beta4:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:4.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.1:rc1:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:4.0:beta9:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0:alpha_1:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0:alpha_2:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:7.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.0.9:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.1:beta2:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:4.0:beta11:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.5.0.9:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.10:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:12.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:10.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:4.0:beta2:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:10.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:11.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1.6:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:5.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:12.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.1:beta3:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0:rc2:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1.13:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:6.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:9.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0.13:*:*:*:*:*:*:*"]}, {"lastseen": "2020-12-09T19:47:18", "description": "The ElementAnimations::EnsureStyleRuleFor function in Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 allows remote attackers to cause a denial of service (buffer over-read, incorrect pointer dereference, and heap-based buffer overflow) or possibly execute arbitrary code via a crafted web site.", "edition": 5, "cvss3": {}, "published": "2012-07-18T10:26:00", "title": "CVE-2012-1953", "type": "cve", "cwe": ["CWE-119"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-1953"], "modified": "2017-12-29T02:29:00", "cpe": ["cpe:/a:mozilla:thunderbird:11.0", "cpe:/a:mozilla:seamonkey:1.0.8", "cpe:/a:mozilla:seamonkey:2.0.6", "cpe:/a:mozilla:seamonkey:2.0", "cpe:/a:mozilla:firefox_esr:10.0.4", "cpe:/a:mozilla:seamonkey:2.0.7", "cpe:/a:mozilla:firefox:8.0", "cpe:/a:mozilla:thunderbird:10.0.3", "cpe:/a:mozilla:seamonkey:1.1.17", "cpe:/a:mozilla:seamonkey:1.0.2", "cpe:/a:mozilla:seamonkey:1.1.2", "cpe:/a:mozilla:seamonkey:1.5.0.10", "cpe:/a:mozilla:seamonkey:1.1.18", "cpe:/a:mozilla:thunderbird:7.0", "cpe:/a:mozilla:seamonkey:2.0.3", "cpe:/a:mozilla:seamonkey:1.0", "cpe:/a:mozilla:firefox:4.0.1", "cpe:/a:mozilla:seamonkey:1.5.0.9", "cpe:/a:mozilla:firefox:8.0.1", "cpe:/a:mozilla:seamonkey:2.0.11", "cpe:/a:mozilla:firefox_esr:10.0.2", "cpe:/a:mozilla:firefox:5.0.1", "cpe:/a:mozilla:seamonkey:1.0.9", "cpe:/a:mozilla:firefox:7.0", "cpe:/a:mozilla:firefox_esr:10.0.5", "cpe:/a:mozilla:thunderbird:10.0.4", "cpe:/a:mozilla:firefox:9.0", "cpe:/a:mozilla:seamonkey:1.1.15", "cpe:/a:mozilla:thunderbird:10.0", "cpe:/a:mozilla:firefox_esr:10.0.3", "cpe:/a:mozilla:firefox:6.0.1", "cpe:/a:mozilla:firefox_esr:10.0.1", "cpe:/a:mozilla:seamonkey:1.1.9", "cpe:/a:mozilla:thunderbird:10.0.1", "cpe:/a:mozilla:seamonkey:1.1.10", "cpe:/a:mozilla:seamonkey:1.1.12", "cpe:/a:mozilla:firefox:11.0", "cpe:/a:mozilla:firefox:4.0", "cpe:/a:mozilla:thunderbird:6.0.2", "cpe:/a:mozilla:seamonkey:2.0.8", "cpe:/a:mozilla:seamonkey:1.1.6", "cpe:/a:mozilla:seamonkey:1.1.5", "cpe:/a:mozilla:thunderbird_esr:10.0", "cpe:/a:mozilla:firefox:9.0.1", "cpe:/a:mozilla:seamonkey:1.1.4", "cpe:/a:mozilla:firefox:7.0.1", "cpe:/a:mozilla:seamonkey:2.0.4", "cpe:/a:mozilla:thunderbird_esr:10.0.4", "cpe:/a:mozilla:firefox_esr:10.0", "cpe:/a:mozilla:thunderbird:9.0.1", "cpe:/a:mozilla:thunderbird:9.0", "cpe:/a:mozilla:seamonkey:2.0.14", "cpe:/a:mozilla:thunderbird:7.0.1", "cpe:/a:mozilla:seamonkey:1.0.6", "cpe:/a:mozilla:firefox:6.0.2", "cpe:/a:mozilla:thunderbird:6.0", "cpe:/a:mozilla:seamonkey:2.0.2", "cpe:/a:mozilla:seamonkey:1.0.4", "cpe:/a:mozilla:seamonkey:2.0.13", "cpe:/a:mozilla:firefox:13.0", "cpe:/a:mozilla:seamonkey:1.0.5", "cpe:/a:mozilla:thunderbird:10.0.2", "cpe:/a:mozilla:thunderbird:8.0", "cpe:/a:mozilla:seamonkey:1.0.7", "cpe:/a:mozilla:firefox:12.0", "cpe:/a:mozilla:seamonkey:1.1.11", "cpe:/a:mozilla:seamonkey:2.10", "cpe:/a:mozilla:seamonkey:1.1.3", "cpe:/a:mozilla:thunderbird:6.0.1", "cpe:/a:mozilla:seamonkey:1.1.1", "cpe:/a:mozilla:thunderbird_esr:10.0.3", "cpe:/a:mozilla:thunderbird:13.0", "cpe:/a:mozilla:seamonkey:1.1.7", "cpe:/a:mozilla:firefox:6.0", "cpe:/a:mozilla:seamonkey:2.0.9", "cpe:/a:mozilla:seamonkey:2.0.5", "cpe:/a:mozilla:seamonkey:2.0.12", "cpe:/a:mozilla:seamonkey:1.5.0.8", "cpe:/a:mozilla:firefox:5.0", "cpe:/a:mozilla:thunderbird:12.0", "cpe:/a:mozilla:seamonkey:1.1.14", "cpe:/a:mozilla:seamonkey:1.1.16", "cpe:/a:mozilla:thunderbird_esr:10.0.2", "cpe:/a:mozilla:thunderbird:5.0", "cpe:/a:mozilla:seamonkey:1.0.1", "cpe:/a:mozilla:seamonkey:1.0.3", "cpe:/a:mozilla:seamonkey:2.0.10", "cpe:/a:mozilla:seamonkey:1.1", "cpe:/a:mozilla:thunderbird_esr:10.0.5", "cpe:/a:mozilla:seamonkey:1.1.19", "cpe:/a:mozilla:seamonkey:2.0.1", "cpe:/a:mozilla:thunderbird_esr:10.0.1", "cpe:/a:mozilla:seamonkey:1.1.8", "cpe:/a:mozilla:seamonkey:2.1", "cpe:/a:mozilla:seamonkey:1.1.13"], "id": "CVE-2012-1953", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-1953", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:a:mozilla:seamonkey:1.1.10:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1.9:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:4.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0:beta_2:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox_esr:10.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0.14:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0.10:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0:beta_1:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:11.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:10.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:4.0:beta7:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:9.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird_esr:10.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:6.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:4.0:beta3:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:7.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1.17:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox_esr:10.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0.12:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:5.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:12.0:beta6:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.1:alpha1:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0.6:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.1:rc2:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:6.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.0.8:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1.14:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:10.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0:alpha_3:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:9.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox_esr:10.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1:beta:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.1:alpha3:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0.9:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.5.0.10:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird_esr:10.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.0.7:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:9.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird_esr:10.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.1:beta1:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1.5:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:6.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:4.0:beta1:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird_esr:10.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1.18:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:8.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird_esr:10.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1.15:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0.7:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1.16:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:7.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1.8:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1:alpha:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1.12:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0.8:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:7.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:8.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:4.0:beta6:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox_esr:10.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.0:beta:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1.19:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:10.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:5.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.5.0.8:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1.11:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:4.0:beta10:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:13.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:4.0:beta5:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:6.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:4.0:beta12:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:4.0:beta8:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox_esr:10.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:6.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:13.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1.7:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:8.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.1:alpha2:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0.11:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.0:alpha:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird_esr:10.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox_esr:10.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.0.6:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:4.0:beta4:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:4.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.1:rc1:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:4.0:beta9:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0:alpha_1:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0:alpha_2:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:7.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.0.9:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.1:beta2:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:4.0:beta11:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.5.0.9:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.10:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:12.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:10.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:4.0:beta2:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:10.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:11.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1.6:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:5.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:12.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.1:beta3:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0:rc2:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1.13:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:6.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:9.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0.13:*:*:*:*:*:*:*"]}, {"lastseen": "2020-10-03T12:06:03", "description": "Mozilla Firefox 4.x through 13.0 and Firefox ESR 10.x before 10.0.6 do not properly establish the security context of a feed: URL, which allows remote attackers to bypass unspecified cross-site scripting (XSS) protection mechanisms via a feed:javascript: URL.", "edition": 3, "cvss3": {}, "published": "2012-07-18T10:26:00", "title": "CVE-2012-1965", "type": "cve", "cwe": ["CWE-79"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-1965"], "modified": "2017-12-29T02:29:00", "cpe": ["cpe:/a:mozilla:firefox_esr:10.0.4", "cpe:/a:mozilla:firefox:8.0", "cpe:/a:mozilla:firefox:4.0.1", "cpe:/a:mozilla:firefox:8.0.1", "cpe:/a:mozilla:firefox_esr:10.0.2", "cpe:/a:mozilla:firefox:5.0.1", "cpe:/a:mozilla:firefox:7.0", "cpe:/a:mozilla:firefox_esr:10.0.5", "cpe:/a:mozilla:firefox:9.0", "cpe:/a:mozilla:firefox_esr:10.0.3", "cpe:/a:mozilla:firefox:6.0.1", "cpe:/a:mozilla:firefox_esr:10.0.1", "cpe:/a:mozilla:firefox:11.0", "cpe:/a:mozilla:firefox:4.0", "cpe:/a:mozilla:firefox:9.0.1", "cpe:/a:mozilla:firefox:7.0.1", "cpe:/a:mozilla:firefox_esr:10.0", "cpe:/a:mozilla:firefox:6.0.2", "cpe:/a:mozilla:firefox:13.0", "cpe:/a:mozilla:firefox:12.0", "cpe:/a:mozilla:firefox:6.0", "cpe:/a:mozilla:firefox:5.0"], "id": "CVE-2012-1965", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-1965", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}, "cpe23": ["cpe:2.3:a:mozilla:firefox:4.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox_esr:10.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:11.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:4.0:beta7:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:6.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:4.0:beta3:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox_esr:10.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:5.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:12.0:beta6:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:6.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:9.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox_esr:10.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:4.0:beta1:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:8.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:7.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:7.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:4.0:beta6:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox_esr:10.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:5.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:4.0:beta10:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:4.0:beta5:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:6.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:4.0:beta12:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:4.0:beta8:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox_esr:10.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:13.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:8.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox_esr:10.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:4.0:beta4:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:4.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:4.0:beta9:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:4.0:beta11:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:12.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:4.0:beta2:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:9.0.1:*:*:*:*:*:*:*"]}, {"lastseen": "2020-12-09T19:47:19", "description": "The Content Security Policy (CSP) functionality in Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 does not properly restrict the strings placed into the blocked-uri parameter of a violation report, which allows remote web servers to capture OpenID credentials and OAuth 2.0 access tokens by triggering a violation.", "edition": 5, "cvss3": {}, "published": "2012-07-18T10:26:00", "title": "CVE-2012-1963", "type": "cve", "cwe": ["CWE-264"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-1963"], "modified": "2017-12-29T02:29:00", "cpe": ["cpe:/a:mozilla:thunderbird:11.0", "cpe:/a:mozilla:seamonkey:1.0.8", "cpe:/a:mozilla:seamonkey:2.0.6", "cpe:/a:mozilla:seamonkey:2.0", "cpe:/a:mozilla:firefox_esr:10.0.4", "cpe:/a:mozilla:seamonkey:2.0.7", "cpe:/a:mozilla:firefox:8.0", "cpe:/a:mozilla:thunderbird:10.0.3", "cpe:/a:mozilla:seamonkey:1.1.17", "cpe:/a:mozilla:seamonkey:1.0.2", "cpe:/a:mozilla:seamonkey:1.1.2", "cpe:/a:mozilla:seamonkey:1.5.0.10", "cpe:/a:mozilla:seamonkey:1.1.18", "cpe:/a:mozilla:thunderbird:7.0", "cpe:/a:mozilla:seamonkey:2.0.3", "cpe:/a:mozilla:seamonkey:1.0", "cpe:/a:mozilla:firefox:4.0.1", "cpe:/a:mozilla:seamonkey:1.5.0.9", "cpe:/a:mozilla:firefox:8.0.1", "cpe:/a:mozilla:seamonkey:2.0.11", "cpe:/a:mozilla:firefox_esr:10.0.2", "cpe:/a:mozilla:firefox:5.0.1", "cpe:/a:mozilla:seamonkey:1.0.9", "cpe:/a:mozilla:firefox:7.0", "cpe:/a:mozilla:firefox_esr:10.0.5", "cpe:/a:mozilla:thunderbird:10.0.4", "cpe:/a:mozilla:firefox:9.0", "cpe:/a:mozilla:seamonkey:1.1.15", "cpe:/a:mozilla:thunderbird:10.0", "cpe:/a:mozilla:firefox_esr:10.0.3", "cpe:/a:mozilla:firefox:6.0.1", "cpe:/a:mozilla:firefox_esr:10.0.1", "cpe:/a:mozilla:seamonkey:1.1.9", "cpe:/a:mozilla:thunderbird:10.0.1", "cpe:/a:mozilla:seamonkey:1.1.10", "cpe:/a:mozilla:seamonkey:1.1.12", "cpe:/a:mozilla:firefox:11.0", "cpe:/a:mozilla:firefox:4.0", "cpe:/a:mozilla:thunderbird:6.0.2", "cpe:/a:mozilla:seamonkey:2.0.8", "cpe:/a:mozilla:seamonkey:1.1.6", "cpe:/a:mozilla:seamonkey:1.1.5", "cpe:/a:mozilla:thunderbird_esr:10.0", "cpe:/a:mozilla:firefox:9.0.1", "cpe:/a:mozilla:seamonkey:1.1.4", "cpe:/a:mozilla:firefox:7.0.1", "cpe:/a:mozilla:seamonkey:2.0.4", "cpe:/a:mozilla:thunderbird_esr:10.0.4", "cpe:/a:mozilla:firefox_esr:10.0", "cpe:/a:mozilla:thunderbird:9.0.1", "cpe:/a:mozilla:thunderbird:9.0", "cpe:/a:mozilla:seamonkey:2.0.14", "cpe:/a:mozilla:thunderbird:7.0.1", "cpe:/a:mozilla:seamonkey:1.0.6", "cpe:/a:mozilla:firefox:6.0.2", "cpe:/a:mozilla:thunderbird:6.0", "cpe:/a:mozilla:seamonkey:2.0.2", "cpe:/a:mozilla:seamonkey:1.0.4", "cpe:/a:mozilla:seamonkey:2.0.13", "cpe:/a:mozilla:firefox:13.0", "cpe:/a:mozilla:seamonkey:1.0.5", "cpe:/a:mozilla:thunderbird:10.0.2", "cpe:/a:mozilla:thunderbird:8.0", "cpe:/a:mozilla:seamonkey:1.0.7", "cpe:/a:mozilla:firefox:12.0", "cpe:/a:mozilla:seamonkey:1.1.11", "cpe:/a:mozilla:seamonkey:2.10", "cpe:/a:mozilla:seamonkey:1.1.3", "cpe:/a:mozilla:thunderbird:6.0.1", "cpe:/a:mozilla:seamonkey:1.1.1", "cpe:/a:mozilla:thunderbird_esr:10.0.3", "cpe:/a:mozilla:thunderbird:13.0", "cpe:/a:mozilla:seamonkey:1.1.7", "cpe:/a:mozilla:firefox:6.0", "cpe:/a:mozilla:seamonkey:2.0.9", "cpe:/a:mozilla:seamonkey:2.0.5", "cpe:/a:mozilla:seamonkey:2.0.12", "cpe:/a:mozilla:seamonkey:1.5.0.8", "cpe:/a:mozilla:firefox:5.0", "cpe:/a:mozilla:thunderbird:12.0", "cpe:/a:mozilla:seamonkey:1.1.14", "cpe:/a:mozilla:seamonkey:1.1.16", "cpe:/a:mozilla:thunderbird_esr:10.0.2", "cpe:/a:mozilla:thunderbird:5.0", "cpe:/a:mozilla:seamonkey:1.0.1", "cpe:/a:mozilla:seamonkey:1.0.3", "cpe:/a:mozilla:seamonkey:2.0.10", "cpe:/a:mozilla:seamonkey:1.1", "cpe:/a:mozilla:thunderbird_esr:10.0.5", "cpe:/a:mozilla:seamonkey:1.1.19", "cpe:/a:mozilla:seamonkey:2.0.1", "cpe:/a:mozilla:thunderbird_esr:10.0.1", "cpe:/a:mozilla:seamonkey:1.1.8", "cpe:/a:mozilla:seamonkey:2.1", "cpe:/a:mozilla:seamonkey:1.1.13"], "id": "CVE-2012-1963", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-1963", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}, "cpe23": ["cpe:2.3:a:mozilla:seamonkey:1.1.10:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1.9:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:4.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0:beta_2:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox_esr:10.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0.14:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0.10:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0:beta_1:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:11.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:10.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:4.0:beta7:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:9.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird_esr:10.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:6.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:4.0:beta3:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:7.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1.17:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox_esr:10.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0.12:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:5.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:12.0:beta6:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.1:alpha1:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0.6:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.1:rc2:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:6.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.0.8:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1.14:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:10.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0:alpha_3:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:9.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox_esr:10.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1:beta:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.1:alpha3:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0.9:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.5.0.10:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird_esr:10.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.0.7:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:9.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird_esr:10.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.1:beta1:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1.5:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:6.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:4.0:beta1:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird_esr:10.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1.18:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:8.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird_esr:10.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1.15:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0.7:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1.16:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:7.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1.8:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1:alpha:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1.12:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0.8:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:7.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:8.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:4.0:beta6:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox_esr:10.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.0:beta:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1.19:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:10.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:5.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.5.0.8:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1.11:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:4.0:beta10:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:13.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:4.0:beta5:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:6.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:4.0:beta12:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:4.0:beta8:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox_esr:10.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:6.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:13.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1.7:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:8.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.1:alpha2:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0.11:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.0:alpha:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird_esr:10.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox_esr:10.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.0.6:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:4.0:beta4:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:4.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.1:rc1:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:4.0:beta9:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0:alpha_1:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0:alpha_2:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:7.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.0.9:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.1:beta2:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:4.0:beta11:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.5.0.9:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.10:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:12.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:10.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:4.0:beta2:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:10.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:11.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1.6:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:5.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:12.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.1:beta3:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0:rc2:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1.13:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:6.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:9.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0.13:*:*:*:*:*:*:*"]}, {"lastseen": "2020-10-03T12:06:03", "description": "Mozilla Firefox 4.x through 13.0 and Firefox ESR 10.x before 10.0.6 do not have the same context-menu restrictions for data: URLs as for javascript: URLs, which allows remote attackers to conduct cross-site scripting (XSS) attacks via a crafted URL.", "edition": 3, "cvss3": {}, "published": "2012-07-18T10:26:00", "title": "CVE-2012-1966", "type": "cve", "cwe": ["CWE-264"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-1966"], "modified": "2017-12-29T02:29:00", "cpe": ["cpe:/a:mozilla:firefox_esr:10.0.4", "cpe:/a:mozilla:firefox:8.0", "cpe:/a:mozilla:firefox:4.0.1", "cpe:/a:mozilla:firefox:8.0.1", "cpe:/a:mozilla:firefox_esr:10.0.2", "cpe:/a:mozilla:firefox:5.0.1", "cpe:/a:mozilla:firefox:7.0", "cpe:/a:mozilla:firefox_esr:10.0.5", "cpe:/a:mozilla:firefox:9.0", "cpe:/a:mozilla:firefox_esr:10.0.3", "cpe:/a:mozilla:firefox:6.0.1", "cpe:/a:mozilla:firefox_esr:10.0.1", "cpe:/a:mozilla:firefox:11.0", "cpe:/a:mozilla:firefox:4.0", "cpe:/a:mozilla:firefox:9.0.1", "cpe:/a:mozilla:firefox:7.0.1", "cpe:/a:mozilla:firefox_esr:10.0", "cpe:/a:mozilla:firefox:6.0.2", "cpe:/a:mozilla:firefox:13.0", "cpe:/a:mozilla:firefox:12.0", "cpe:/a:mozilla:firefox:6.0", "cpe:/a:mozilla:firefox:5.0"], "id": "CVE-2012-1966", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-1966", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}, "cpe23": ["cpe:2.3:a:mozilla:firefox:4.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox_esr:10.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:11.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:4.0:beta7:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:6.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:4.0:beta3:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox_esr:10.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:5.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:12.0:beta6:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:6.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:9.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox_esr:10.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:4.0:beta1:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:8.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:7.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:7.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:4.0:beta6:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox_esr:10.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:5.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:4.0:beta10:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:4.0:beta5:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:6.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:4.0:beta12:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:4.0:beta8:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox_esr:10.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:13.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:8.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox_esr:10.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:4.0:beta4:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:4.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:4.0:beta9:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:4.0:beta11:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:12.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:4.0:beta2:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:9.0.1:*:*:*:*:*:*:*"]}, {"lastseen": "2020-12-09T19:47:19", "description": "The certificate-warning functionality in browser/components/certerror/content/aboutCertError.xhtml in Mozilla Firefox 4.x through 12.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 12.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.10 does not properly handle attempted clickjacking of the about:certerror page, which allows man-in-the-middle attackers to trick users into adding an unintended exception via an IFRAME element.", "edition": 5, "cvss3": {}, "published": "2012-07-18T10:26:00", "title": "CVE-2012-1964", "type": "cve", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.0, "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-1964"], "modified": "2017-12-29T02:29:00", "cpe": ["cpe:/a:mozilla:thunderbird:11.0", "cpe:/a:mozilla:seamonkey:1.0.8", "cpe:/a:mozilla:seamonkey:2.0.6", "cpe:/a:mozilla:seamonkey:2.0", "cpe:/a:mozilla:firefox_esr:10.0.4", "cpe:/a:mozilla:seamonkey:2.0.7", "cpe:/a:mozilla:firefox:8.0", "cpe:/a:mozilla:thunderbird:10.0.3", "cpe:/a:mozilla:seamonkey:1.1.17", "cpe:/a:mozilla:seamonkey:1.0.2", "cpe:/a:mozilla:seamonkey:1.1.2", "cpe:/a:mozilla:seamonkey:1.5.0.10", "cpe:/a:mozilla:seamonkey:1.1.18", "cpe:/a:mozilla:thunderbird:7.0", "cpe:/a:mozilla:seamonkey:2.0.3", "cpe:/a:mozilla:seamonkey:1.0", "cpe:/a:mozilla:firefox:4.0.1", "cpe:/a:mozilla:seamonkey:1.5.0.9", "cpe:/a:mozilla:firefox:8.0.1", "cpe:/a:mozilla:seamonkey:2.0.11", "cpe:/a:mozilla:firefox_esr:10.0.2", "cpe:/a:mozilla:firefox:5.0.1", "cpe:/a:mozilla:seamonkey:1.0.9", "cpe:/a:mozilla:firefox:7.0", "cpe:/a:mozilla:firefox_esr:10.0.5", "cpe:/a:mozilla:thunderbird:10.0.4", "cpe:/a:mozilla:firefox:9.0", "cpe:/a:mozilla:seamonkey:1.1.15", "cpe:/a:mozilla:thunderbird:10.0", "cpe:/a:mozilla:firefox_esr:10.0.3", "cpe:/a:mozilla:firefox:6.0.1", "cpe:/a:mozilla:firefox_esr:10.0.1", "cpe:/a:mozilla:seamonkey:1.1.9", "cpe:/a:mozilla:thunderbird:10.0.1", "cpe:/a:mozilla:seamonkey:1.1.10", "cpe:/a:mozilla:seamonkey:1.1.12", "cpe:/a:mozilla:firefox:11.0", "cpe:/a:mozilla:firefox:4.0", "cpe:/a:mozilla:thunderbird:6.0.2", "cpe:/a:mozilla:seamonkey:2.0.8", "cpe:/a:mozilla:seamonkey:1.1.6", "cpe:/a:mozilla:seamonkey:1.1.5", "cpe:/a:mozilla:thunderbird_esr:10.0", "cpe:/a:mozilla:firefox:9.0.1", "cpe:/a:mozilla:seamonkey:1.1.4", "cpe:/a:mozilla:firefox:7.0.1", "cpe:/a:mozilla:seamonkey:2.0.4", "cpe:/a:mozilla:thunderbird_esr:10.0.4", "cpe:/a:mozilla:firefox_esr:10.0", "cpe:/a:mozilla:thunderbird:9.0.1", "cpe:/a:mozilla:thunderbird:9.0", "cpe:/a:mozilla:seamonkey:2.0.14", "cpe:/a:mozilla:thunderbird:7.0.1", "cpe:/a:mozilla:seamonkey:1.0.6", "cpe:/a:mozilla:firefox:6.0.2", "cpe:/a:mozilla:thunderbird:6.0", "cpe:/a:mozilla:seamonkey:2.0.2", "cpe:/a:mozilla:seamonkey:1.0.4", "cpe:/a:mozilla:seamonkey:2.0.13", "cpe:/a:mozilla:firefox:13.0", "cpe:/a:mozilla:seamonkey:1.0.5", "cpe:/a:mozilla:thunderbird:10.0.2", "cpe:/a:mozilla:thunderbird:8.0", "cpe:/a:mozilla:seamonkey:1.0.7", "cpe:/a:mozilla:firefox:12.0", "cpe:/a:mozilla:seamonkey:1.1.11", "cpe:/a:mozilla:seamonkey:1.1.3", "cpe:/a:mozilla:thunderbird:6.0.1", "cpe:/a:mozilla:seamonkey:1.1.1", "cpe:/a:mozilla:thunderbird_esr:10.0.3", "cpe:/a:mozilla:thunderbird:13.0", "cpe:/a:mozilla:seamonkey:1.1.7", "cpe:/a:mozilla:firefox:6.0", "cpe:/a:mozilla:seamonkey:2.0.9", "cpe:/a:mozilla:seamonkey:2.0.5", "cpe:/a:mozilla:seamonkey:2.0.12", "cpe:/a:mozilla:seamonkey:1.5.0.8", "cpe:/a:mozilla:firefox:5.0", "cpe:/a:mozilla:thunderbird:12.0", "cpe:/a:mozilla:seamonkey:1.1.14", "cpe:/a:mozilla:seamonkey:1.1.16", "cpe:/a:mozilla:thunderbird_esr:10.0.2", "cpe:/a:mozilla:thunderbird:5.0", "cpe:/a:mozilla:seamonkey:1.0.1", "cpe:/a:mozilla:seamonkey:1.0.3", "cpe:/a:mozilla:seamonkey:2.0.10", "cpe:/a:mozilla:seamonkey:1.1", "cpe:/a:mozilla:thunderbird_esr:10.0.5", "cpe:/a:mozilla:seamonkey:1.1.19", "cpe:/a:mozilla:seamonkey:2.0.1", "cpe:/a:mozilla:thunderbird_esr:10.0.1", "cpe:/a:mozilla:seamonkey:1.1.8", "cpe:/a:mozilla:seamonkey:2.1", "cpe:/a:mozilla:seamonkey:1.1.13"], "id": "CVE-2012-1964", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-1964", "cvss": {"score": 4.0, "vector": "AV:N/AC:H/Au:N/C:P/I:P/A:N"}, "cpe23": ["cpe:2.3:a:mozilla:seamonkey:1.1.10:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1.9:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:4.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0:beta_2:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox_esr:10.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0.14:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0.10:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0:beta_1:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:11.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:10.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:4.0:beta7:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:9.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird_esr:10.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:6.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:4.0:beta3:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:7.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1.17:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox_esr:10.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0.12:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:5.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:12.0:beta6:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.1:alpha1:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0.6:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.1:rc2:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:6.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.0.8:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1.14:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:10.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0:alpha_3:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:9.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox_esr:10.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1:beta:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.1:alpha3:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0.9:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.5.0.10:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird_esr:10.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.0.7:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:9.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird_esr:10.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.1:beta1:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1.5:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:6.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:4.0:beta1:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird_esr:10.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1.18:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:8.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird_esr:10.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1.15:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0.7:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1.16:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:7.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1.8:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1:alpha:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1.12:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0.8:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:7.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:8.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:4.0:beta6:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox_esr:10.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.0:beta:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1.19:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:10.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:5.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.5.0.8:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1.11:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:4.0:beta10:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:13.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:4.0:beta5:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:6.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:4.0:beta12:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:4.0:beta8:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox_esr:10.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:6.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:13.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1.7:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:8.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.1:alpha2:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0.11:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.0:alpha:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird_esr:10.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox_esr:10.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.0.6:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:4.0:beta4:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:4.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.1:rc1:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:4.0:beta9:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0:alpha_1:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0:alpha_2:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:7.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.0.9:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.1:beta2:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:4.0:beta11:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.5.0.9:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:12.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:10.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:4.0:beta2:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:10.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:11.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1.6:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:5.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:12.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.1:beta3:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0:rc2:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1.13:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:6.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:9.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0.13:*:*:*:*:*:*:*"]}, {"lastseen": "2020-12-09T19:47:19", "description": "Use-after-free vulnerability in the JSDependentString::undepend function in Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via vectors involving strings with multiple dependencies.", "edition": 5, "cvss3": {}, "published": "2012-07-18T10:26:00", "title": "CVE-2012-1962", "type": "cve", "cwe": ["CWE-399"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-1962"], "modified": "2017-12-29T02:29:00", "cpe": ["cpe:/a:mozilla:thunderbird:11.0", "cpe:/a:mozilla:seamonkey:1.0.8", "cpe:/a:mozilla:seamonkey:2.0.6", "cpe:/a:mozilla:seamonkey:2.0", "cpe:/a:mozilla:firefox_esr:10.0.4", "cpe:/a:mozilla:seamonkey:2.0.7", "cpe:/a:mozilla:firefox:8.0", "cpe:/a:mozilla:thunderbird:10.0.3", "cpe:/a:mozilla:seamonkey:1.1.17", "cpe:/a:mozilla:seamonkey:1.0.2", "cpe:/a:mozilla:seamonkey:1.1.2", "cpe:/a:mozilla:seamonkey:1.5.0.10", "cpe:/a:mozilla:seamonkey:1.1.18", "cpe:/a:mozilla:thunderbird:7.0", "cpe:/a:mozilla:seamonkey:2.0.3", "cpe:/a:mozilla:seamonkey:1.0", "cpe:/a:mozilla:firefox:4.0.1", "cpe:/a:mozilla:seamonkey:1.5.0.9", "cpe:/a:mozilla:firefox:8.0.1", "cpe:/a:mozilla:seamonkey:2.0.11", "cpe:/a:mozilla:firefox_esr:10.0.2", "cpe:/a:mozilla:firefox:5.0.1", "cpe:/a:mozilla:seamonkey:1.0.9", "cpe:/a:mozilla:firefox:7.0", "cpe:/a:mozilla:firefox_esr:10.0.5", "cpe:/a:mozilla:thunderbird:10.0.4", "cpe:/a:mozilla:firefox:9.0", "cpe:/a:mozilla:seamonkey:1.1.15", "cpe:/a:mozilla:thunderbird:10.0", "cpe:/a:mozilla:firefox_esr:10.0.3", "cpe:/a:mozilla:firefox:6.0.1", "cpe:/a:mozilla:firefox_esr:10.0.1", "cpe:/a:mozilla:seamonkey:1.1.9", "cpe:/a:mozilla:thunderbird:10.0.1", "cpe:/a:mozilla:seamonkey:1.1.10", "cpe:/a:mozilla:seamonkey:1.1.12", "cpe:/a:mozilla:firefox:11.0", "cpe:/a:mozilla:firefox:4.0", "cpe:/a:mozilla:thunderbird:6.0.2", "cpe:/a:mozilla:seamonkey:2.0.8", "cpe:/a:mozilla:seamonkey:1.1.6", "cpe:/a:mozilla:seamonkey:1.1.5", "cpe:/a:mozilla:thunderbird_esr:10.0", "cpe:/a:mozilla:firefox:9.0.1", "cpe:/a:mozilla:seamonkey:1.1.4", "cpe:/a:mozilla:firefox:7.0.1", "cpe:/a:mozilla:seamonkey:2.0.4", "cpe:/a:mozilla:thunderbird_esr:10.0.4", "cpe:/a:mozilla:firefox_esr:10.0", "cpe:/a:mozilla:thunderbird:9.0.1", "cpe:/a:mozilla:thunderbird:9.0", "cpe:/a:mozilla:seamonkey:2.0.14", "cpe:/a:mozilla:thunderbird:7.0.1", "cpe:/a:mozilla:seamonkey:1.0.6", "cpe:/a:mozilla:firefox:6.0.2", "cpe:/a:mozilla:thunderbird:6.0", "cpe:/a:mozilla:seamonkey:2.0.2", "cpe:/a:mozilla:seamonkey:1.0.4", "cpe:/a:mozilla:seamonkey:2.0.13", "cpe:/a:mozilla:firefox:13.0", "cpe:/a:mozilla:seamonkey:1.0.5", "cpe:/a:mozilla:thunderbird:10.0.2", "cpe:/a:mozilla:thunderbird:8.0", "cpe:/a:mozilla:seamonkey:1.0.7", "cpe:/a:mozilla:firefox:12.0", "cpe:/a:mozilla:seamonkey:1.1.11", "cpe:/a:mozilla:seamonkey:2.10", "cpe:/a:mozilla:seamonkey:1.1.3", "cpe:/a:mozilla:thunderbird:6.0.1", "cpe:/a:mozilla:seamonkey:1.1.1", "cpe:/a:mozilla:thunderbird_esr:10.0.3", "cpe:/a:mozilla:thunderbird:13.0", "cpe:/a:mozilla:seamonkey:1.1.7", "cpe:/a:mozilla:firefox:6.0", "cpe:/a:mozilla:seamonkey:2.0.9", "cpe:/a:mozilla:seamonkey:2.0.5", "cpe:/a:mozilla:seamonkey:2.0.12", "cpe:/a:mozilla:seamonkey:1.5.0.8", "cpe:/a:mozilla:firefox:5.0", "cpe:/a:mozilla:thunderbird:12.0", "cpe:/a:mozilla:seamonkey:1.1.14", "cpe:/a:mozilla:seamonkey:1.1.16", "cpe:/a:mozilla:thunderbird_esr:10.0.2", "cpe:/a:mozilla:thunderbird:5.0", "cpe:/a:mozilla:seamonkey:1.0.1", "cpe:/a:mozilla:seamonkey:1.0.3", "cpe:/a:mozilla:seamonkey:2.0.10", "cpe:/a:mozilla:seamonkey:1.1", "cpe:/a:mozilla:thunderbird_esr:10.0.5", "cpe:/a:mozilla:seamonkey:1.1.19", "cpe:/a:mozilla:seamonkey:2.0.1", "cpe:/a:mozilla:thunderbird_esr:10.0.1", "cpe:/a:mozilla:seamonkey:1.1.8", "cpe:/a:mozilla:seamonkey:2.1", "cpe:/a:mozilla:seamonkey:1.1.13"], "id": "CVE-2012-1962", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-1962", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:a:mozilla:seamonkey:1.1.10:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1.9:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:4.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0:beta_2:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox_esr:10.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0.14:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0.10:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0:beta_1:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:11.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:10.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:4.0:beta7:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:9.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird_esr:10.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:6.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:4.0:beta3:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:7.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1.17:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox_esr:10.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0.12:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:5.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:12.0:beta6:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.1:alpha1:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0.6:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.1:rc2:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:6.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.0.8:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1.14:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:10.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0:alpha_3:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:9.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox_esr:10.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1:beta:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.1:alpha3:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0.9:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.5.0.10:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird_esr:10.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.0.7:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:9.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird_esr:10.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.1:beta1:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1.5:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:6.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:4.0:beta1:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird_esr:10.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1.18:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:8.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird_esr:10.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1.15:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0.7:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1.16:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:7.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1.8:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1:alpha:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1.12:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0.8:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:7.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:8.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:4.0:beta6:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox_esr:10.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.0:beta:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1.19:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:10.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:5.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.5.0.8:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1.11:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:4.0:beta10:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:13.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:4.0:beta5:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:6.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:4.0:beta12:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:4.0:beta8:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox_esr:10.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:6.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:13.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1.7:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:8.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.1:alpha2:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0.11:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.0:alpha:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird_esr:10.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox_esr:10.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.0.6:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:4.0:beta4:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:4.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.1:rc1:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:4.0:beta9:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0:alpha_1:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0:alpha_2:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:7.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.0.9:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.1:beta2:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:4.0:beta11:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.5.0.9:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.10:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:12.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:10.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:4.0:beta2:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:10.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:11.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1.6:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:5.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:12.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.1:beta3:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0:rc2:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1.13:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:6.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:9.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0.13:*:*:*:*:*:*:*"]}]}